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Cobol is far from dead, says William M. Ulrich. PAGE 30 —_ Wireless in the supply chain? Early pioneers say yes. PAGE 34 
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IT SECURITY DESTINED 
FOR ‘THE COURTROOM 


Analysts: Victims of cyberattacks likely to 
seek recompense from any ny party involved 
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FORMER CIO Katherine M. Hudson, now CEO of Brady Corp., says a 
CEO has to be the “consummate generalist.” 


HE TREND IS UNMISTAKABLE: 

More and more CIOs are breaking 

through the IT ceiling to become chief 

operating officers or even CEOs. But it 
takes business savvy and leadership skills that 
many CIOs will never have. 


Story by Melissa Solomon begins on page 38. 
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| end-user 


BY JAIKUMAR VIJAYAN 
Companies that don’t have 
consistent and verifiably ap- 
propriate security practices for 
protecting their IT 
opening 
up to liability law- 


assets are 
themselves 

suits, warn security 
experts. 

Although none have 
filed yet, such suits would 
force companies to take re- 
their 
however unwitting, in security 


been 


sponsibility for roles, 


involve their 
might in- 
denial-of- 


breaches that 
computers. These 
clude distributed 


service attacks, the spread of 


computer viruses, public dis 


closure of confiden 


IT LIABILITY tial information or fi- 
nancial loss to busi- 


ness partners and 
customers. 

“You can expect to see major 
liability lawsuits in the next 18 
months” or so, said Randy 
Marchany, a member of the 


PROBLEMS PLAGUE INVENTORY SYSTEM 


Late payments, lost 
discounts stymie L.A. 


BY MARC L. SONGINI 
The Los Angeles Police De- 
partment would have to write 
an awful lot of traffic tickets to 
break even after it got a 
$750,000 invoice for new cita- 
tion books that actually cost 
just $7,500. The culprit: incor- 
rect data entered into a new 
procurement and 
management system that the 
city government began using 
in January. 

The Police Department isn’t 


| the only agency in the City of 


Angels that’s having problems 


| with the $11 million system, 


which is based on PeopleSoft 
Inc.’s enterprise resource plan- 


| ning applications. City officials | 
this week confirmed that mul- | 
tiple departments have voiced | 


complaints about inadequate 
training 
desk support, 


inventory- | 


and help 
resulting in | 


billing problems, late pay- 
ments to suppliers and inven- 
tory shortages. 

“The [system] was meant to 
speed things up and save mon- 
ey,” said Laura Chick, a city 
councilor and the incoming city 
controller. “So far, we are not 
Los Angeles, page 16 


‘Loss’ Angeles 
>The city of Los Angeles 
is facing inventory 
stock-outs, billing 
problems, and inade- 
quate training and help 
desk support following 
the rollout of a PeopleSoft 
procurement system. The 
two-year, $11 million im- 
plementation went live in 
January. 


> City officials are work- 
ing on a proposal to ad- 
dress these issues. Among 
the major remedies they 
are considering is more 
extensive training. 


Virginia Tech Computing 

ter’s systems manage! 

group and the coordina 

its Computer In 

sponse Team, 

SANS 2001 tech 

ence in Baltimore last wee 
Increasingly, companies that 

fail to show due diligence 

minimizing their exposure t 


such threats will become tar- 


UCITA FOES SLOW 
BILL'S PROGRESS 


But software licensing 
battle far from settled 


BY PATRICK THIBODEAU 

Opponents of the controver 

sial UCITA software licer 

law appear to have succee 

in stalling the bil 

where it’s be 

this year. The 

measure has 

been robbed of th 

mentum it gaine 

lowing relativ 

tions in Mar 
But a sides in tl 


land and V 


which pits technology vendor 
against some of their corporat 
customers, say they're pr 
ing for years of haggling 
he Uniform Com 
mation Transactions Act 

“Is the fight over? No,” said 
Gordon Pence, an attorney at 
Caterpillar Inc., which is op- 
posing passage of UCITA by 
We did real- 
ly well this year, stopping it in 


state legislatures. “ 


all the states where it was in- 
troduced. But I don’t think the 
pro-UCITA contingency is go- 
ing to give up.” 

UCITA, page 16 








WE DIDN'T JUST JUMP ON THE 
INFRASTRUCTURE BANDWAGON. 
WV == 10) mm 





IT’S TIME TO SET THE RECORD STRAIGHT. 


LONG BEFORE OUR COMPETITORS EVEN ADDED THE WORD “INFRASTRUCTURE” 
TO THEIR VOCABULARY, WE WERE BUSY CREATING IT. SINCE WE FIRST LAUNCHED 
UNICENTER;? IT HAS BECOME THE DE FACTO GLOBAL STANDARD FOR MANAGING 
ALL eBUSINESS INFRASTRUCTURE. BUT WE DIDN’T STOP THERE—WE’RE ALSO 
THE WORLD LEADER IN SECURITY AND STORAGE SOFTWARE. EVERY DAY, OUR 
SOFTWARE HANDLES OVER 180 MILLION TRANSACTIONS, PROTECTS $50 BILLION 
IN WIRE TRANSFERS AND STORES 40 MILLION SECURITY EXCHANGES. EXPERTISE 
DOESN‘T HAPPEN OVERNIGHT. IT’S TAKEN 25 YEARS OF HARD WORK AND 
LEADERSHIP TO GET TO BE THE BEST. SO WHEN WE SAY YOU CAN TRUST EVERY 
ONE OF OUR 18,000 EMPLOYEES AROUND THE WORLD TO DELIVER THE SOFTWARE 


AND SERVICE THAT YOUR eBUSINESS’ SUCCESS DEPENDS ON, WE REALLY MEAN IT. 


Computer Associates™ 


f 


HELLO TOMORROW | WE ARE COMPUTER ASSOCIATES HE SOFT THAT MANAGES eBUSINES ca.com 





SHARPEN YOUR DATA WAREHOUSE PERFORMANCE. 


Want cutting edge ways to improve data warehouse performance? Turn to Syncsort’s multi-purpose tool kit. 
It starts with SyncSort, the world’s leading high-performance, multi-platform data manipulation and ETL 
(extract, transform and load) product for over 30 years. SyncSort cleans and sorts raw data, speeding data 
loading by up to 90%. Visual SyncSort combines the robust performance of SyncSort with the ease of a 
Windows-based drag-and-drop GUI. Sigma, a specialized data-aggregate engine, accelerates processing 
and query speed by up to 25% and makes an excellent complement to SyncSort. For multi-platform 
formats, your tool is FilePort, a powerful UNIX/mainframe bi-directional data conversion utility. Finally, 
safeguard what you’ve built — with Backup Express, a flexible, distributed, enterprise-wide backup and 
restore solution that works across platforms. 


For more information on improving your data warehouse’s performance with 
the Syncsort tool kit, a FREE trial, and your FREE handy multi-tool, visit 


www.syncsort.com/51cwa or call 201-930-8200. SMA EL 
syncsort 


— 





NEWS 6 


6 IBM middleware products get 
a Web services upgrade, but even 
the company says it’s still not an 

e-commerce panacea. 


7 Covisint outsources its entire 
infrastructure to Exodus. 


8 Software rivals Vignette and 
BroadVision both introduce up- 
grades to their portal products. 


10 IBM and Intel set up partner- 
ships with health care vendors 
to advance wireless technology 
in patient care. 


12 E-mail and Internet access are 
now available on the Royal Cana- 
dian Pacific, a luxury cruise train 
operating in the Canadian Rockies. 


14 The Bush administration be- 
gins to sell its new approach to 
critical infrastructure protection. 


KEEPING PACE 


HlGt HOPES, HARSH REALITIES 


WITH TECHNOLOGY 


CIOs like Cora ¢ 


armody 


(left) use many methods to 
keep up with developments 
in technology and to make 
sure that their IT staffs have 
the right mix of skills that 


can meet current 


and future 


Want a fat payc 
pele indust1 ry th 
cial services, r 
candidates seem t 
according to m 
spoke with, in 
WorldStreet’ 

eft). Problem 
ket has taken 


business needs. PAGE 44 worse, job candidates are more plentiful, 
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BUSINESS = 3 


34 Wireless supply chains are 
gaining steam as early pioneers see 
savings and increased efficiency 


36 Workstyles: A wunderkind 
gets a taste of the real world as 
lead developer at Lightflow. 


36 Ed Yourdon writes that out- 


sourcing is another element that 
project managers must master. 


38 ClOs are climbing the corpo- 
rate ladder to the top as IT grows 
in importance to businesses. But 
are they ready to be CEOs? 


46 IT graduates are entering the 
workforce en masse, but the num- 
ber of jobs available is decreasing. 


49 Joe Auer offers a list of tradi- 
tional leasing provisions that must 
be treated differently when the 
subject is laptops. 


(° L\X AIK MOREONLINE For treaknc news. u pdated twice daily tn 


WWW.COMPUTERWORLD.COM 


E-MAIL FLAP 


Sometimes, the e-mail list you 
acquire is more than you bar- 
gained for. Find out more in 
Deborah Radcliff’s column. 
www.computerworld.com/security 


visit our Web site cmmantaptanetls oniiiaiiaiiin 


HAMMERING 
OUT HIPAA 


Can a phased approach similar to 
that used by e-businesses be the 
thing that’s needed to bring the 
Health Insurance Portability and 
Accountability Act to life? Find out 
in the Computerworld Security 
Community. 
www.computerworld.com/security 


are more fussy, 


and 


salary offers are less generous 


than many job seekers are expecting. PAGE 62 


TECHNOLOGY 51 


52 An ion gun replaces a velvet 
covered rubber roller in IBM’s new 
method of manufacturing LCDs for 
computers. 


54 Security Journal: Security 
manager Mathias Thurman tests an 


intrusion-detection system to see if 


it lives up to its hype. 


96 Future Watch: A new ultra- 
sound system developed by AT&T 
will be able to locate a person 
wearing a tracking device to within 
inches, and then create a virtual 
picture of his environment. 


60 Emerging Companies: Kvs’s 
Enterprise Vault automates the 
archiving and retrieval of Micro- 
soft Exchange Server e-mail 


messages. 


58 Smart cards promise to 
increase security through better 
authentication, but users say tough 
integration and management 
issues remain. 


NEWBIE NEWS 


For more on trends in university 
IT programs, including a look at 
changes in enrollments, graduate 
numbers and degree programs at 
a few select colleges, head to 
www.computerworld.com/careers 


Maryfran Johnson wonde 
if we make too big a fuss about 


CIOs becoming CEOs 


Pimm Fox says IT does 
to spend a lot to help deal with 


crises such as “mad cow” 


John Gantz ur 


pare for a “scramble” to meet 


porate demand for mobile ac 


Don Tapscott writes that firr 


forge 


should use the Web to 
relationships with their customers 


William M. Ulrich e 
from your corporate 


Frank Hayes says that if y 
CIO is one of your company 
best-paid executives, consider 


yourself fortunate. 


Editorial/Letters 
How to Contact CW 
Company Index 
Shark Tank 


INFO CENTERS 


To find news, features opinions 
and Web resources on subjects 
from ASPs to Web site manage- 
ment, check out our Resource 
Centers. 
www.computerworld.com/cwi/ 
itresources 





Tivoli, IBM Prepare for 
Management Changes 


Tivoli Systems Inc. President David 
Murphy left the IBM subsidiary Friday 
to join a smalier software company 
in California. IBM spokesman Joe 
Stunkard confirmed Murphy's depar- 
ture, as well as reports that Steven 
Mills, an IBM senior vice president 
and group executive, will take over 
the head job at Austin, Texas-based 
Tivoli in the interim. Meanwhile, IBM 
Chairman and CEO Louis V. Gerstner 
said in a television interview last 
week that Sam Palmisano, IBM's 
president and chief operating officer, 
will take over the technology giant as 
soon as its board of directors is ready 
to make the change. 


RIM Gains Patent, 


Sues Competitor 


Research In Motion Ltd. (RIM), 
manufacturer of the compact Black- 
Berry e-mail pager, has landed a 
U.S. patent that protects its core 
Single Mailbox integration technolo- 
gy. That technology redirects mail 
from a host computer to mobile de- 
vices, letting mobile workers use 
the same address, regardless of 
their location cr terminal. Waterloo, 
Ontario-based RIM used the new 
patent as the basis for an infringe- 
ment suit against Glenayre Elec- 
tronics Inc. in Charlotte, N.C. 


Short Takes 


COMMERCE ONE INC. in Pleasanton, 
Calif., last week said it will lay off up 
to 10% of its 3,600-employee work- 
force. The company had not made 
the news public in early April when it 
announced an earnings drop, but a 
spokeswoman said the layoffs began 
in the middle of the first quarter. . . . 
The Wakefield, Mass.-based ASP 
INDUSTRY CONSORTIUM and the 
WORLD INTELLECTUAL PROPERTY 
ORGANIZATION (WIPO) released 
final guidelines that will be used by 
Geneva-based WIPO's Arbitration 
and Mediation Center to resolve dis- 
putes between application service 
providers and their customers on a 
global basis. 


NEWS 


IBM Moves ‘Toward 
Free Flow of Info 


But analysts question whether competitors 
will support its open B2B standards effort 


BY MICHAEL MEEHAN 
HI WORDS open 


and standards are 
loaded terms in the 
world of e-com- 


but IBM 
promised to re- 


merce, 
last week 
release its middleware prod- 
ucts around what it hopes will 
standards 


be open Internet 


that can nudge businesses 
closer to achieving the free 
flow of information 

Yet users and analysts ques- 
tioned whether vendors will 
ultimately be able to curb their 
proprietary tendencies to make 
the open standards IBM has 
embraced capable of mission- 
critical e-commerce. 

“It’s a big animal to move,” 
said Dave Kulakowski, a South 
Bend, Ind.-based development 
and technology manager at the 
aircraft landing systems divi- 
sion of Honeywell Internation- 
al Inc. “I don’t know that any 
one company can get you there 
by itself.” 

By the end of next month, 
IBM will release updated ver- 
sions of its WebSphere appli- 
cation DB2 relational 
database, Tivoli Web manage- 


server, 


ment tools and Lotus Domino 
messaging software. All releas- 
es will support the Simple Ob- 
ject Access Protocol (SOAP) 
delivery mechanism; the Uni- 
versal Description, Discovery 
and Integration (UDDI) direc- 
tory; and Web 
scription Language (WSDL), 
which defines what services a 


Services De- 


business offers and how trad- 
ing partners can electronically 
access those services. 

Rod Smith, IBM’s vice pres- 
ident for emerging technolo- 
gy, cautioned that airtight 
messaging security, transac- 
tional protocols and business 
process schema are all critical 


and still unavailable pieces of 


the e-commerce puzzle 

“I compare this to a 10-mile 
race, and we're still at the half 
to three-quarter mile,” he said. 

he finish line is a world in 
which corporations can freely 
exchange information both in 
ternally and externally, when 
and how they please. To date, 


most companies have been 


challenged to put their own 
houses in order, attempting to 
share only limited information 
the Web external 


over with 


parties. 


Slow Process 

Yet Smith stressed that IBM’s 
latest release will provide off- 
the-shelf tools to get a lot of 
firms in the race. He added that 
vendors face the challenge of 
convincing users that they can 
collaborate to build products 
that will work together. 

“Integration is not going to 
happen quickly,” he 
“[Vendors] have always made 


said. 


it real difficult to do business, 
haven't built to 
Web 
attempt to 


because we 


These news 


an 


standards. 
services 
change that.” 

Martin Marshall, an analyst 
at Zona Research Inc. in Red- 


are 


The Terminology 


>UDDI: A Web-based busi- 
ness-to-business directory 
where companies can list 
contact information and 
unique identifiers for the 
Web services they offer. 


> SOAP: A protocol that al- 
lows remote procedure calls 
and Web services to ferry 
past firewalls, using HTTP 
as its transport mechanism. 


>WSDL: An XML-based 
language used to describe 
the services a business of- 
fers and to provide a way for 
individuals and other busi- 
nesses to electronically ac- 
cess those services. 


wood City, Calif., said IBM is 
breaking some new ground by 
enabling existing middleware 
for business-to-business usage. 

“Wrappering 
has huge potential,” he said. 
“Why? Because [they've] al- 


legacy tools 


ready been debugged.” 

Yet he argued that giving 
companies a method to 
change doesn’t 


ex 
information 
solve the e-commerce puzzle. 
“It’s process and 
workflow that is the real nub 
of this stuff,” Marshall 
“That's the level at which things 


business 


said. 


IBM Graffiti Artist Ordered to 
Perform Community Service 


Company fined 
$18,000 for ads 


BY LEE COPELAND GLADWIN 


| A Chicago man accused of | 


| spray-painting 


Linux graffiti | 
ads on Chicago sidewalks for | 
IBM was ordered to perform | 


30 days of community service | 
in recompense for criminal 
property damage resulting | 
from his role in an ad cam- 
paign that went awry. 
The ads’ spray-painted | 
“peace, love and Linux” sym- | 
bols were part of a national | 
push by the company to sup- 
the Linux | 


port open-source 
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get done. And right now, we 
don’t know 
ferrable or if that’s where the 


if it will be trans- 


proprietization takes place.” 
Microsoft Corp., Sun Micro 
systems Inc. and Oracle Corp. 
will also be releasing e-com- 
merce product suites this year. 
Marshall said he suspects that 
few of the products will inter- 
operate with their 
competitors, beyond the mes- 


those of 
saging and directory levels 

Sun spokesman David Har- 
rah said his company plans to 
support the same Internet stan- 
dards as those in IBM’s release 
as “a cross-platform, vendor- 
neutral way of dishing up your 
data.” 

Ted Schadler, an analyst at 
Forrester Research Inc. in 
Cambridge, Mass., said he ex- 
that 
vendors adhere to certain stan- 
dards like SOAP, UDDI and 
WSDL but that ultimately, ven- 
dors will offer products before 


pects users to demand 


many customers have defined 
what they want. 

“They'll do it once in one in- 
dustry, and then it’s ready to 
sell to everyone else,” he said. 

On the upside, Kulakowski 
said, the WebSphere release 
will allow Honeywell to start 
pushing out to its suppliers 
and customers the Java-based 
objects it has been building in- 
ternally for the past three 
years. Honeywell now has Java 
everything 
from safety reports on its shop 
floor to tool design needs and 


components on 


tracking. 

“My guess is it’s going to take 
a long time to build those con- 
nections,” Kulakowski said. B 


operating system. 

The city made IBM pay 
more than $18,000 in fines to 
remove 105 sets of the graffiti 
— a blue peace sign, heart and 
smiling penguin from 
Chicago sidewalks. Blue is the 
company’s trademark color, 
and the penguin is the Linux 
mascot. 

The fee the company paid 
included the cost of cleanup 
plus a $50 fine for each side- 
walk defacing, said Ray Pad- 
voiskis, a spokesman for 
Chicago’s Streets and Sanita- 
tion Department. DB 
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Microsoft License Shift Creates Turmoil 


Companies forced 
to assess impact 


BY MARK HALL 
AND TODD R. WEISS 


Microsoft announce- 
ment earlier this month that it 
has restructured its volume li- 


Corp.’s 


censing and upgrade policies 
has sent IT managers scram- 
bling to review their current 
contracts. 

While the changes are good 
news for some, many compa- 
nies are still unsure what they 
will mean to their budgets and 
operations. And some IT shops 
will be forced into expensive, 
time-consuming audits of their 
systems just to see where they 
stand. 

Microsoft said it will extend 
its Select agreement to three 


two, lower the 
number of workstations from 
500 to 250 to qualify for its En 
terprise license, and offer sub- 
scription licensing, starting 
this fall. The company’s new 
Software Assurance upgrade 


years from 


policy will replace a handful of 


other programs it now offers 
[Page One, May 14]. 

At Delta Technology, the At- 
lanta-based IT 
Delta Air Lines Inc., spokes- 
man Kurt Ebenhoch said he’s 
not sure yet about what the 
new licensing provisions will 
mean for his company’s 45,000 
Windows-based desktop PCs. 

“We are still in the process 
of reviewing the changes and 
analyzing what impacts they 
will have,” Ebenhoch said. But 
because his company is still in 
the midst of an upgrade to 
Windows 2000, he said, his ini- 


Covisint Outsources Entire 
Infrastructure to Exodus 


BY LEE COPELAND GLADWIN 

Like many online exchanges, 
Covisint LLC has been hosted 
by a service provider since its 
September launch. But last 
week, the massive automotive 
industry exchange set 


its infrastructure, from security 
and storage to network ser- 
vices, to its host, Santa Clara, 
Calif.-based Commu- 
nications Inc. 


Exodus 


Users from several promi- 
nent business-to-business ex- 
changes said they have given 
only a sliver of their operations 
to Web hosting firms because 
of concerns about escalating 
costs, lack of application con- 
trol and unpredictable service. 

“I’m surprised at the extent 
that Covisint is relying on Exo- 
dus,” said Dana Tardelli, an an- 
alyst at Aberdeen Group Inc. in 
Boston. “Most businesses are 
rooted in internal technologies 
and they don’t want to relin- 
quish that much control.” 


itself 
apart by outsourcing the rest of 


Officials at Southfield, Mich.- 
| based Covisint said they have 
| been pleased with the service 

thus far and will extend the 
| contract to include global host- 
| ing operations, as well as disas- 
ter recovery, security, storage 
and network services for three 
data centers. 

But gaps in the quality of in- 

frastructure management ser- 
prompted other 
ink more 
stricted service contracts. 

FuelQuest Inc., a Web-based 
catalog for oil and gas distrib- 
utors, falls into that category. It 
uses Level 3 Communications 


vices have 


businesses to re- 


SEPTEMBER 2000 DECEMBER 2000 


Disaster recovery 
industry exchange services come 


The Covisint auto 


launches, hosted _ online. 
by Exodus Com- 
munications. 


subsidiary of 


tial feeling is that it won’t be 
immediately affected by 
pending changes, which take 
effect Oct. 1. Existing contracts 
Delta Technology has with Mi- 
crosoft for support for Win- 


the 


dows 2000 will continue to re- 
main in force, he said. 


Cloudy Implications 

IT shops not currently work- 
ing on upgrades may not be so 
lucky. 

“A lot of companies are going 
to spend a lot of time and mon- 


| ey just trying to figure out the 


implications,” said Don Bussell, 
president of Omicron-Chicago, 
a Glen Ellyn, Ill.-based inde- 
pendent user organization for 
large IT sites. Bussell said a lot 
of IT managers will be running 
unplanned audits of every 
workstation in their company 


to determine what Microsoft 


Inc. in Broomfield, Colo., for 
disaster recovery and broad- 
band services. But while its pro- 
duction servers are kept at a 
nearby Level 3 facility, Houston- 
based FuelQuest’s staff han- 
application monitoring 
and problem fixing, said Scott 


dles 


Cilento, director of operations. 
Given that the applications 
are critical to the business, it’s 
important to pay close atten- 
tion to maintenance, he said. 
“We're basically just using 


their facility,” said Cilento. If 


“a [Fuel- 
Quest] stockholder employee 
is driving out there to fix the 
issue right away,” he explained. 

Oracle Corp. hosts Global- 
NetXchange LLC’s Oracle pro- 
curement platform, and the re- 
tail exchange’s collaborative 
planning and forecasting ser- 
vices applications are hosted 


there’s a problem, 


JUNE 2001 


Web hosting is expected to 
begin for its European op- 
erations and in the near fu- 
ture for Asian operations, 
according to Covisint. 


Audit Trail 


In the wake of Microsoft’s 
license and upgrade changes, 
IT managers may need to: 


>COUNT ail workstations 


and servers. 


>DISCOVER all Microsoft 


products on them. 


>DETERMINE the soft- 


ware release levels. 


>MAKE software current 
or remove it from PCs and 
servers. 
them, which 
and whether it 


software is on 
release it is 
needs to be upgraded. 

“If you don’t have a great 
asset-management system, it’s 
going to be an expensive pain 
right now,” Bussell said. 

Joe Rowell, technology man- 
ager at Seattle-based Inchcape 
Shipping Services Ltd., said his 
hasn't 


company concluded 


by Manugistics Group Inc. in 

Rockville, Md. But San Francis- 

co-based GlobalNetXchange 

manages security access rights 
and services internally. 

“One thing that our custo- 
mers expect is privacy of their 
data and confidentiality, so we 
take that aspect very serious- 
ly,” said Bharat Popat, 
president of product manage- 
ment at GlobalNetXchange. 

Costs also affect the extent 
to which business-to-business 
exchanges outsource hosting 
and other services. 

Michael Ereli, chief technol- 
ogy officer at CheMatch.com 
in Houston, decided on a hy- 
brid approach to support the 
online petroleum-based prod- 
uct exchange. Instead of rent- 
ing hardware and software, 
CheMatch spent about $1 mil- 
lion on separate servers for 
development, staging and pro- 

| duction applications. The stag- 
ing and development hardware 
are kept in-house, but the pro- 
duction machines 
Digital Island Inc.’s data center 
in north Texas. 

“It was cheaper than renting 
in the long run, if you own the 
equipment for more than two 
or three years,” said Ereli. Hav- 


vice 


reside at 


what the cost impli 
Microsoft’s policy shift 
But he said he isn’t cor 
about overseeing a tim 
suming audit. 

Rowell said his 


} 


the Microsoft 


part of 
part oO! 


program, which means that 
Microsoft keeps a list of all of 
the software his cc 
He said he compa 
his own 


isset Management 


software from Remedy Corp 
in Mountain View, Calif. 

a complete view of his licensed 
software. 

While some users privately 
complained that the change 
appears to be just another way 
for Microsoft to make 


more 


money, others were upbeat 
about the new program. 


j 


“This is a good thing,” said 
Tom Nolan, director of IT at 
the American Institute of Cer 
tified Public 


New York. “It guarantees sta- 


Accountants in 


ble prices over the life of the 


agreement.” D 


ee 
Hand It Over 


Strategies for handing over 
Web operations to a hostir 


firm include the following: 


w Have internal staff handle 


ing exactly duplicated environ- 
ments also makes it easier to 
make changes and move ap- 
plications, he added. 
Crane Canada Inc., a Strat- 
Ontario-based 
industrial and 
launched its e-commerce oper- 


October but 


ford, maker oO! 


pipes valves, 
ations in found 
that it was cheaper and easier to 
set up its hosting infrastructure 
in-house, said Helene Zonana 
Cohen, e-commerce director at 
online unit CraneSupply.com 
“Exodus was too expensive 
for the type of volume we were 
expecting,” said Cohen of the 
CraneSupply.com site, 
posts about $400,000 worth of 


whl 


te — “h rv th 
transactions each month. DB 
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As Economy Slows, Companies Turn to Supply Forecasting 


Proper use of software helps manage risk 


BY MARC L. SONGINI 

With a giant like Cisco Systems 
Inc. getting stuck with $2.2 bil- 
lion-plus in excess inventory, 
many companies are 

thought to 

that 
excess Capacity as well as high 


demand 


giving 
damage 


handle 


serious 


control systems 


Supply risk manage 


ment, although relatively new, 
could be critical to survival, say 
analysts. Rather than waiting 
until the eleventh hour to deal 
with bloated supply chains and 
excess production, some com- 
panies are 


using monitoring, 


event management, forecast 


ing, collaboration and simula 
tion applications to avoid hold 
ing excess and rapidly depreci 
ating inventory 
“I feel half my job is risk 
said Benjamin 
irector of supply plan- 
and management at Sun 
Microsystems Inc 
Companies using forecast- 
ing applications often over- 
state their needs to suppliers 
to avoid running out of inven- 
tory, said Doug Thomas, an as 
sistant professor of business 
logistics at Pennsylvania State 
University’s Smeal 
But properly used Web-based 
forecasting systems that read 


College. 


actual sales data can prevent 
“suppliers from building huge 
stockpiles of inventory when a 


product is not selling,” he said 

Such systems can also help 
companies determine where to 
distribute inventory when they 
find themselves with too much 
on their hands 

For example, Canton, Ohio- 
The Belden Brick Co. is 
rolling out event management 


based 


software from InterBiz, a divi- 
Islandia, N.Y.-based 
Computer Associates Interna 
Inc., 


sion of 


tional to cope with de- 

mand changes automatically. 
While the details are still un- 

folding, Jeff Adams, director of 


IT at Belden, envisions writing 


business rules that could no 
tify customers via its extranet 
when excess inventory is avail 
able at a discount, then move it 
on the fly 

Excess production is a fear 
in this softening economy, said 
Adams. “A key customer might 
tell us, ‘We know we 
to take a mil- 
lion bricks,’ and put 


want 


in an order, but they 
back 


late1 


might come 
three 


and 


months 


say they don’t 
want all of them,” he 
explained. “That is 
one of our big con 
cerns, that we don’t 


get too far ahead 


NS 
ADAMS: Doesn't 


want to “get too far 
ahead” of orders. 


based on their predictions.” 
Sun doesn’t want too much 

expensive but it 

can’t afford to have too little, 


inventory, 
either, said Ma. To minimize 
risk on both ends, Sun feeds 
and field 
sales data into a supply chain 


customer survey 


modeling applica 
tion from Rapt Inc., a 
San 
software vendor. 

The Rapt tool lets 


Francisco-based 


Sun go through vari- 
inventory 
narios and see how 


ous sce- 
missing or exceeding 
different 
thresholds will affect 
the supply chain. 


inventory 


Rival Vendors Update 
Their Portal Software 


Latest versions from BroadVision, Vignette 
support interfaces to link to legacy apps 


BY LEE COPELAND GLADWIN 
EB SOFTWARI 
heavyweights 
BroadVision 
Inc. and Vig- 

nette Corp. week an- 

nounced upgrades to their 
sparring portal products. 


iast 


Steel Exchange Goes live. 


BY MICHAEL MEEHAN 
Last week, the Global Steel Ex- 
change officially debuted, al- 
lowing companies to swap 
raw materials and finished steel 
online. 

Founded by Duferco SA in 
Switzerland, Cargill Steel in 
Minneapolis, Samsung Corp. 
in South Korea and Trade- 
ARBED of Luxembourg’s 
ARBED Group, the market- 
place has commitments from 
its founding members for $5 
billion in transaction volumes 


During its one-month beta 
test, the Chicago-based mar- 
ketplace managed to trade 
257,665 tons of product, with 
the largest transaction being 
48,000 tons of Brazilian pig 
iron. 

Registration is open to all 
steel buyers and sellers. The 
exchange offers logistics and 
financing services as well as 
steel products. 

Competitors include E-Steel 
LLC in New York and Metal- 
Spectrum in Atlanta. D 


Redwood City, Calif.-based 
BroadVision InfoEx- 
change Portal 6.0, an update 
from the first iteration of the 
product, which was released 
last fall. Vignette Corp. in 
Austin, unveiled its 
packaged portal offering, En- 
terprise Application Portal 2.0, 
which officials said is the cul 


released 


Texas, 


mination of work the company 
has done building portals for 
numerous customers. 

Analysts said both products 
raise the bar in the crowded but 
evolving portal market, because 
both vendors bring a high level 
of expertise in e-commerce and 
content management. 

“Portals unify applications 
on the desktop, and it’s be- 
coming a core communication 
piece for e-business,” said 
Charles Luce, an analyst at 
The Delphi Group in Boston. 

That’s exactly what R.R. 
Donnelley & Sons Co. is doing 
with its hodgepodge collection 


of 1,200 applications used by 
its 34,000 employees 

Gary Sutula, CIO at Chicago- 
based R.R. Donnelley, said his 
IT staff is using BroadVision’s 
InfoExchange Portal 
halfway through whittling its 
application set to 
60 from 1,200. The 
staff is also build- 
ing a book portal 
to get information 
to customers in a 
more timely man- 
ner. “The book 
business is a highly 
transactional busi- 
ness,” he said. “And 
we were spending 
quite a bit of time 
in customer ser- 
and getting 
information to our 
customers, which 
was really, to be quite honest, 
a little on the stale side.” 

Both products offer single 
sign-on capabilities, which let 
users access different applica- 
tions without having to au- 
thenticate password and log-in 
information each time. The 
portals from both vendors 


and is 


Edition 


vice 


Portal 
Rivals 


New portals from 
Vignette and Broad- 
Vision both have: tal 


# Support for Java 2 Enterprise 


2 sign-on capabilities 
w= Aset of application program 
ming interfaces for integrating 
with legacy applications 


| 


COMPUTERWORLD May 21, 2001 


FedEx Custom Critical Inc. in 
Akron, Ohio, which carries in 
dividual shipments between 
businesses, uses sophisticated 
proprietary systems developed 
over a period of 20 years to en 
sure that the right number of 
vehicles will be available when 
they are needed most. 

I orecasting can be especially 
challenging the 
changing needs of customers, 
said Joe Childs, vice president 
of marketing at the subsidiary 
of FedEx Corp. in Memphis. A 


because of 


customer may need the firm’s 
services several times in 
week, then not contact it again 
for six months. 

Still, “you’ve got to preplan 
and have programs in place,” 
said Childs. “There's a high fail- 


one 


ure rate if you do it during an 
emergency.” D 


also support Sun Microsys- 
tems Inc.’s Java 2 Enterprise 
Edition specification and offer 
a slew of interfaces to connect 
portal applications with exist- 
ing legacy systems. 

Luce added that integrating 
portal applications with exist- 
ing legacy systems is a chal- 
lenge. 

“The vendors are doing inte- 
gration on the front end,” he 
said. “But a lot of companies 
are facing massive integration 
tasks because they want their 
portals to talk to 
ERP systems or 
workflow engines 
or any other major 
category of enter- 
prise application.” 

The BroadVision 
InfoExchange Por- 
will 
set of portlets, Java- 
Beans and _inter- 
faces for integrat- 


include a 


ing into other ap- 
plications when it 
ships next month. 

Vignette plans to 
offer two sets of 
integration plug-ins with 
its portal, which is due to ship 
in mid-July. Pricing for 
the products wasn’t disclosed, 
but BroadVision said an aver- 
age software package costs 
$470,000; Vignette estimated 
its average package price at 
540,000. B 











NO, !T'S NOT A TYPO. 


Get the latest IBM @server technology 
for about the price of a PC. 


 @server x 


IBM @server xSeries 200 IBM @©server xSeries 220 


*829 $1,249 


SuccessLease™ SuccessLease 


for Small Business *29/MO.°, 36 MOS. for Small Business °44/MO., 36 MOS 





CUSTOMIZE YOURS: CUSTOMIZE YOURS: 
10/20GB TRS Internal EIDE Tape Drive 18.2GB Ultra160 Hot-Swap Hard Drive 


FREE: | 2227121 Ser sere ac ot out ane 


M EMORY | valid only in tt through June 3 1 Additional 20GB Ultra-ATA 100 EIDE Hard Drive APC Smart-UPS 700 Backup Power Supply 


DIRECT [0 YOU 


Call toll free 1 866 426-9552 or 


Click www.ibm.com/eserver/xseries/M 114 
pentiume/// to buy direct o IBM reselle 


Pricing shown is price available fre Rese ces may vary. IBM price does 
performance. ‘Maximum mr c and may require repl N 
nal hard disk drive capacity assumes th 2 a tio drive bi the largest 

nited Warranty, call 1 800 7 227 e e D dditional ¢ warranties including onsite la 

ccessLease is offered by third-party providers of business financing approved by IBM Global Financ 
to qualified business customers only, installing in the US. Documentation and first month’s pay d 
to alter prod and specifications at any time, withc e. Su Lease and all IBM product names are registered trad S or trademark national Bus: 
trademarks and Celeron is a trademark of Inte! Corporation. Other company, product and service names may be trademarks or service marks of othe 01 IBM Corp. All rights reserved 


Palm Cancels Merger, 
Slashes Sales Forecast 


Palm Inc. in Santa Clara, Calif., 
warned last week that revenue for 
its fourth fiscal quarter will come in 
at about half its original forecast and 
said it has agreed to cancel its pro- 
posed merger with wireless infra- 
structure provider Extended Sys- 
tems Inc. in Boise, Idaho. Palm's 
new m500 line of handheld comput- 
ers is shipping later than planned, 
which means distributors, retailers 
and resellers won't be able to re- 
order during the company’s fourth 
quarter, CEO Cari Yankowski said. 
The delay in shipments accounts for 
most of the revenue shortfall but has 
been compounded by the slowing 
economy, he added. 


Cross-Platform 
Database Ready to Go 


Filemaker Inc. in Santa Clara, Calif., 
announced last week that its File- 
Maker Pro 5.5 is the first software 
to run both in native mode for 
Microsoft Corp.'s Windows 2000 
and in the new Mac OS X operating 
system from Apple Computer Inc. 
The $249 database software prod- 
uct, which is shipping now, will also 
work on Linux. The release includes 
new record-locking security fea- 
tures and Web publishing capabili- 
ties. It also adds dynamic SQL 
query functions for integration with 
Oracle, Microsoft SQL Server and 
other enterprise databases. 


Microsoft Releases 
Win 2k Update 


Microsoft last week released Win- 
dows 2000 Service Pack 2 (SP2). 
It’s the first Windows platform to 
ship internationally with 128-bit 
encryption and includes myriad 
bug fixes, directory services fixes, 
application compatibility updates 
and security patches. According to 
Microsoft, the update addresses 
more than 500 known issues in 
Windows 2000 and its associated 
Service Pack 1. SP2 is a “recom- 
mended” but not required update. 
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IBM, Intel Push 
Wireless Health Care 


Security remains 
a major concern 


BY JULEKHA DASH 
IBM and Intel 


last 


OTH 
Corp. week 
joined the growing 
list of firms part- 

nering with health 
care vendors to promote the 
use of wireless technology. But 
while mobile technology gains 
ground in health care, security 
concerns continue to impede 
its widespread adoption. 

IBM announced last Tuesday 
that it will install back-end sys- 
tems and provide systems inte 
gration and training to clients 
who use Brighton, Mass.-based 
PatientKeeper Inc.’s software, 
which tracks medical records 
on mobile devices. 

The day, Allscripts 
Healthcare Solutions 
Libertyville, Ill., 
announced that they plan to in- 
tegrate Intel’s PRO/Wireless 
2011 LAN with 
Allscript’s software, which au 


same 
Inc. in 


and Intel 


products 


tomates physician tasks such 
as prescribing medication and 
capturing billing information 
ona mobile device 

As such announcements in- 
crease in frequency [Computer- 
world.com, Jan. 26], health care 
organizations are showing a 
growing interest in wireless 
devices, according to a survey 
released last month (see chart) 
by the Chicago-based Health- 
care Information and Manage- 


Top Tools 


ment Systems Society (HIMSS) 
Half of the survey’s 688 re 
spondents said wireless infor- 
mation devices would be the 
top emerging technology that 
their organizations would de 
ploy within the next two years, 
compared with 29% last year. 

But in 
hospitals to adopt new tech 


order to persuade 


nologies, vendors must win 
over physicians, who control 
much of the spending, said 
inde- 


Richard Telesca, an 


pendent health analyst 
in Hartford, Conn. “Hospitals 
anything 


endorse,” 


care 


are hesitant to 
that 


use 
doctors don’t 
Telesca explaine d. 
Another 
health care organizations is se- 
curity, said Jon Bogan, presi- 
dent of HealthCIO.com Inc., a 
health technology market re- 
search firm in Duxbury, Mass. 
‘Security is the No. 1 barri- 


obstacle among 


er,” he said 

The University of Virginia 
Health System is waiting until 
the 
rules of the 


Portability 


the releases 
final 
Health 


and Accountability Act before 


government 
securily 
Insurance 


expanding its pilot of wireless 


devices for use in capturing 
patient information in emer- 
gency rooms, according to 
Steve Stearns, director of com- 
puting operations. 

Once the rules are finalized, 
expects that 
Va.-based 


have to 


Stearns said, he 
the 
health 
encrypt any patient data on 


Charlottesville, 


system will 


wireless devices. However, he 


Top technologies to watch in health care: 


THiS YEAR| LAST YEAR | 


Wireless information appliances 


Web-enabled business transactions 


Handheld personal digital assistants 


Voice recognition 


Base: 688 health care providers. From the 12th annual HIMSS Leadership Survey. 


Dell Computer Corp. and Superior Consultant Corp. 


said, he won’t know for sure 
until the regulations come out 
later this year. 

Stearns said there’s also 
concern about the safety of 
using wireless devices around 
patients. “There are document- 
ed instances where wireless 
devices interfered with patient- 


monitoring equipment in in- 


COMPUTERWORLD May 21, 2001 


tensive-care units,” he said. 

But some users are ready to 
overhaul their systems in order 
to have wireless capabilities 
for their physicians. 

Solomon Appavu, director 
of systems planning at Cook 
Hospital in Chicago, 
said the organization is replac- 


County 


ing its clinical information sys- 
tems with a product that will 
let physicians access medical 
records using a mobile device. 
Wireless 
nience to physicians because it 


provides conve- 
“gives ready access to informa- 
tion, wherever they are,” said 
Appavu. D 


New Features Draw Users to 
Information Builders Show 


Attendees hope to 
learn new ways 
to use products 


BY JULEKHA DASH 
Information about new prod- 
uct features such as Cascading 
Style Sheets and mobile ap- 
plications is expected to draw 
about 600 users of Information 
Builders Inc.’s Focus and Web- 
Focus business intelligence 
products to its conference to- 
day at Walt Disney World Re- 
sort in Orlando. 

Several educational and gov- 
ernment organizations, includ- 
ing NASA and the Social Secu- 
rity Administration, are sched- 
uled to present ways in which 
they use Information Builders’ 
data management products. For 
instance, David Hall, assistant 
director for the office of plan- 
ning and institutional effec- 
tiveness at Florida Interna- 
tional University in Miami, 
will demonstrate how to de- 
velop online training courses 
to support WebFocus. 

Hall said he hopes to learn at 
the conference how to make 
Web pages more dynamic using 
Cascading Style Sheets, which 
let authors format HTML docu- 
ments from a single file. 

“I know I’m not using [Web- 


Focus] as well as I could,” he 
said. “I use 50% of the capabili- 
ty.” Another topic of interest 
is learning better ways to dis- 
tribute reports throughout en- 
terprises, said Hall. Last fall, 
Information Builders launched 
software that lets users receive 
information from _ corporate 
databases via e-mail on mobile 
devices. 

Henry Morris, a vice presi- 
dent at Framingham, Mass.- 
based IDC, said he expects 
New York-based Information 
Builders to make announce- 
ments at the conference about 
expanding its support for mo- 
bile Morris said he 
also expects that many sessions 


devices. 


will discuss creative ways of 
distributing reports that are 
simple yet deliver the informa- 
tion that end users want. 

Gary Fischer, manager of 
data warehouse architecture at 
Park Ridge, NJ.-based Sony 
Electronics Inc., a subsidiary 
of Tokyo-based Sony Corp., 
uses WebFocus to analyze 
everything from sales to inven 
tory to human resources data 
contained in SAP AG’s R/3. 

Fischer, who’s currently in- 
stalling an SAP data ware- 
house, said he plans to upgrade 
his version of WebFocus and to 
learn how end users can apply 
it to extract information from 
the data warehouse. D 
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E-Mail, Web Access 
Arrive on Rail Service 


Canadian excursion train may be 
first to offer passengers such services 


BY BOB BREWIN 
ASSENGERS aboard 
the Royal Canadian 
Pacific cruise train, 
which kicked off its 
2001 operating sea- 

son Friday, can relax in the 

same luxurious staterooms 
that once hosted British royal 
ty and Winston Churchill. 

Now, they can also access their 

e-mail and the Internet, which 

may be a first in passenger rail 
service. 

The Royal Canadian Pacific, 
which operates summer-only 
trains through the 


Canadian Rockies, is the first 


excursion 


passenger train “to offer e-mail 
and Internet service in North 
America and possibly the 
world,” said Steve Barry, editor 
of Railfan & Railroad maga- 
from Publica- 


tions Inc. in Newton, NJ. 


zine, Cartsens 

David Walker, managing di- 
rector of the Royal Canadian 
Pacific, said demand for e-mail 
and Internet access from pas- 
sengers last year — the train’s 
inaugural season — pushed the 
company to retrofit the 1920s- 
era cars with a mobile commu- 
nications system. 

Each passenger stateroom, 
as well as the train’s lounge, 
contains a standard telephone 
and modem jack, with ordinary 
twisted-pair copper wiring con- 
nected through an onboard pri- 
vate branch exchange (PBX), 
said Jim Provost, owner of Cal- 
gary, Alberta-based Tele-Com 
Application Services Ltd. Tele- 
Com did the wiring and phone 
and modem installation on the 
train over a four-month period 
this winter. 

The hardest part of the job 
was the between-car wiring 
runs, which were subject to the 
stress of train movement, ac- 
cording to Provost. “This was 


the real challenge,” he said. 


“We had to allow some flexibil- 
the wires 
break from all the movement.” 

The PBX is linked to a 
wiring closet that 
six rack-mounted cellular tele- 
phones, which are in turn con- 
antennas 
on the roof of the rail car. 

Don Wilkat, service manag- 


ity so would not 


contains 
mounted 


nected to 


er at Calgary-based Caltronics 
Ltd., which 


supplied the wireless gear for 


Communications 


the train, said each cell phone 
is connected to a black box 
called a “tip and ring genera- 
tor,” 


which emulates a stan- 


dard wired phone connection. 


“When you plug your laptop | 


in, it thinks it’s connected to 
landline,” Wilkat said. 


nominal, he said, 


$300 for the phone emulator. 


Passengers should experi- 


ence connection speeds of 4.8K |: 
said, |; 
depending on the distance of | 


to 9.6K bit/sec., Wilkat 


the train from a cell tower and 
the While far 
slower than standard dial-up 
speeds of 56K bit/sec., through- 
put from the Royal Canadian 
Pacific will well exceed recent- 
ly introduced Internet access 
services on airplanes, which 


topography. 


are limited by low-speed satel- 
lite links to 2.4K bit/sec. 

Wilkat described the Royal 
Canadian Pacific wireless sys- 


Enterasys Gets a Jump on 
New Wireless LAN Standard 


But Cisco claims that 802.lla isn’t ready 


BY JAMES COPE 
While equipment that 
ports 802.lla, the forthcoming 
54M _ bit/sec. wireless LAN 
standard, won't likely be avail- 
able for deployment until some- 
time next year, one vendor has 
decided to jump in early, to the 
chagrin of its competitors. 
Enterasys Networks Inc. in 
Rochester, N-Y., said it will in- 
troduce this summer a wire- 
less LAN access hub called the 
RoamAbout2 that supports the 


sup- 


new standard. 

Wireless LAN hubs receive 
and transmit wireless signals 
between the end user and the 
wired LAN. Most existing hubs 
use the 802.1lb IEEE specifica- 
tion, which supports wireless 
traffic at 11M bit/sec. But ac- 
cording to Enterasys, its new 
is a dual-slot 


device chassis 


that will hold not only the 
802.11b card, but also a yet-to- 
be-released 802.1la card. 
Enterasys promoted its de- 
vice at Networld+Interop two 
weeks ago, which seems to have 
riled competitors. Last week, 
Cisco Systems Inc. issued a 
statement specifically address- 
ing the Enterasys announce- 


802.11: Up to 2M bit/sec. 
2.4-GHz frequency range 


802.11b: Up to 11M bit/sec. 
2.4-GHiz frequency range 


802.lla: Up to 54M bit/sec. 
5-GHz frequency range 


a 
Total | 
cost per line for the gear was |# 
at roughly | 
$300 for the phone and another | 
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ROYAL CANADIAN PACIFIC passengers can access their e-mail and the 
Internet from a newly installed wireless communications system. 


tem as simple technology, us 
ing older but proven 3W ana- 
log cell phones and standard 
telephone wiring. “Yes, it’s 
simple. But it’s a good idea to 
keep things simple,” he said. 
“And it works.” He added that 
other rail carriers could easily 


ment and told Computerworld 
that it doesn’t believe 801.lla is 
ready for prime time. 

Wireless LAN provider Prox- 
im Inc. in Sunnyvale, Calif., 
weighed in last week, saying it 
would incorporate 802.lla into 
line of 802.11b 
selling 802.lla- 
specific access hubs instead of 
dual-slot hubs that handle both 
specifications. 
802.lla likely 
ransmit as far as 802.llb, 
which means a dual-slot ap- 
proach could leave holes in 


its Harmony 
products by 


Proxim’s 
won't 


rea- 


soning: 


wireless coverage. 

James Wiedel, director of 
networking at the University 
of Southern California in Los 
Angeles and an 
wireless LAN customer, called 
Cisco’s reaction “typically Cis- 
co,” noting that, “Cisco always 
wants all of your business.” 

Wiedel has already ordered 
some RoamAbout2s. “They'll 
let us run llb now, and in the | 
future, all we have to do is drop 
in an lla unit, and it will run it, 
too,” he said. | 

Wiedel said he’s concerned | 
that Cisco will end up with a | 
proprietary 802.lla system that | 


Enterasys 


and cheaply offer an equiva- 
lent service, depending on the 
mobile phone coverage along 
their tracks. 

The Royal Canadian Pacific 
is operated by the Canadian 
Pacific Railway in Calgary, Al- 
berta. D 


works only with other Cisco 
equipment. 

J.P. Garvin, assistant director 
of information systems at the 
Johns Hopkins School of Pub- 
lic Health in Baltimore, dis- 
agreed. While the 11M bit/sec. 
wireless Cisco Aironet system 
he has installed to serve 1,500 
students does include mostly 
Cisco network interface cards, 
he said he also tested 802.11b 
from Dell Computer 
Corp. and from Agere Systems 
Inc. in Allentown, Pa., with the 
Cisco wireless access hubs. 

“They work just fine with 
the Aironet,” Garvin said. 

John Smolek, a research ana- 
lyst at IDC in Framingham, 
Mass., said the faster 802.lla 
specification might be right 
for high-bandwidth applica- 
tions but isn’t necessarily ap- 
propriate for those that require 
the longer reach of 802.1b. 

An Enterasys spokesman said 
that RoamAbout2 will list for 
$1,900 per access point with 
transceiver cards in both chas- 
sis slots and will be available in 
July. But the 802.lla card won't 
ship until late this year or the 
first quarter of next year. D 


cards 
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you wouldn't expect from an Internet company. 


Leading suppliers of managed Internet 
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infra- 


A HISTORY. 


overnight. So where did we come from? 


Initially, we were known as a research and 


development company called BBN 
As BBN, we developed what would 
become the Internet, then went on to 
establish a number of other firsts. The 
first router, the first e-mail message sent 
over a network, the first packet network 
encryption technology and more. 
Years later, GTE acquired BBN 
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eBusiness 
Network Platform 


expand their existing infrastructure into a 


17,500-mile, Tier 1, fiber-optic global network 


This powerhouse of Internet services was 


spun off from GTE last year, and today we're 


a billion-dollar company known as Genuity 


Innovation is in our blood. And now 


we've combined our expertise in Web Hosting, 


internet Access, Transport and Security 
into a scalable and secure, ready-to- 
launch eBusiness Network Platform 
called Black Rocket. Our team of 
‘Rocket Engineers” can ensure your 
project runs smoothly from the start 
allowing you to reduce the time, 
cost and complexity of building 
and deploying eBusiness 
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New IIS Patch Offered 


Microsoft Corp. is urging users of its 
Internet Information Server (IIS) 
software to install another patch, 
this time to plug three newly discov- 
ered security holes and to correct 
errors made in a trio of earlier 
patches developed for the Web 
server package. Separate versions 
of the patch can be downloaded for 
lS 4.0 on systems running Win- 
dows NT 4.0 and for IlS 5.0 on 
Windows 2000-based servers. 


Write Virus, Win Prize 
Antivirus vendor GateKeeper LLC in 
Leesburg, Va., is launching its sec- 
ond virus-writing competition today. 
The prize: $10,000. The challenge: 
to get a new virus onto a decoy 
desktop inside the GateKeeper net- 
work, something that took three 
weeks to accomplish in last year's 
contest. While GateKeeper claims 
that the contest helps it develop 
better products, it has drawn fire 
from the IT and vendor community. 


If It's Not One Worm ... 


A worm called VBS.Hard.A@mm 
showed up in users’ in-boxes last 
week disguised as a virus alert from 
Symantec Corp., the antivirus ven- 
dor said in a virus alert. 

If a user opens the attachment 
www.symantec.com.vbs, the user’s 
default Web page is changed to a 
fake Symantec virus information 
page, and the worm then sends 
itself to everyone in the infected 
PC’s Outlook Express address book. 
However, Symantec said the worm 
is low risk and doesn’t cause seri- 
ous damage. 


... It’s Another 


Another Visual Basic Script worm 
spread itself to users of Microsoft's 
Outlook e-mail software last week, 
although security analysts said 
most of the infections took place 
outside the U.S. Several antivirus 
software vendors posted advisories 
about the new worm, which has 
been dubbed Mawanella, the word 
that appears in the subject line. 
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White House Rewriting 
National ITV Security Plan 


Says it will oppose regulations that 
force businesses to upgrade security 


BY PATRICK THIBODEAU 


HE BUSH adminis- 
tration has begun 
an effort to reorga 
nize and 


the 


rewrite 
federal plan 


for protecting the nation’s 
largely privately owned critical 
infrastructure 
The White House contends 
that the existing plan isn’t 
helping businesses strengthen 
their IT security defenses 
Administration officials be 
gan selling their new approach 
to businesses last week with 
what appeared to be 
a good cop/bad cop 
The 


routine: good- 


cop administration 


says it will oppose 
new regulations forc- 
ing businesses to up- 
grade IT security, but 
that the 


Congress 


it warned 
bad-cop 
will act if a major 
cyberincident dam 


ages or cripples part 


COMMERCE'S 
Juster: Congress 
may pass unwel- 
come security laws. 


of the nation’s infrastructure 
“The fact that new laws and 
regulations might be ill-con 
ceived or ill-advised may not 
be a bar to their passage, espe- 
cially if lawmakers and regula 
tors conclude that industry is 
incapable of self-governance in 
this Kenneth I 


undersecretary for ex 


area,” said 
Juster, 
port administration at the U.S. 
Department of Commerce 
White 
the 
1999 national plan for critical 


House officials said 


Clinton administration's 
infrastructure protection is 
flawed because it couldn't be 
into busi 
The 
Clinton plan “lacked 
the 
knowledge” that pri 


translated 
ness concerns 
reservolr of 
vate-sector execu 
tives can 


Richard Clarke, 


provide, 
said 
national coordinator 
for infra 
structure 


and 


security, 

protection 

counterterror 
Clarke 


ism was 


HP Reports Weak Quarter 


BY JAIKUMAR VIJAYAN 
AND CRAIG STEDMAN 
Citing the softening economy, 
a continued slowdown in its 
corporate IT business and in- 
ternal sales and marketing is- 
sues, Hewlett-Packard Co. last 
week reported a 60% decline 
in pro forma operating profits 
for its second fiscal quarter 
and warned that sales may be 
lower than expected in the cur- 
rent three-month period. 

Carly Fiorina, HP’s chair- 
woman, president and CEO, 


said global economic con- 


| ditions played a big role in 


the dampened second-quarter 


sales. But, she added, HP also 
continues to wrestle with in- 
ternal problems 

HP has been tweaking its di- 
rect sales strategy during the 
past few months in an effort 
to deal with channel-conflict 
problems, which were 
blamed for contributing to a 
the 


also 


sales slowdown in 
pany’s first quarter. 
According to company exec- 
utives, the goal is to address 
growing concerns that HP 
hasn’t clearly differentiated 
which users it will deal with 
directly and which it will allow 
resellers to approach. D 


com- 


Senator Compares Cyberattack, Nukes 


WASHINGTON 

The senator who led the Y2k effort 
in Congress warned last week that 
a cyberattack by a hostile nation 
could be as disruptive as a nuclear 
missile exploding over a U.S. city. 

Sen. Robert Bennett (R-Utah), a 
leading congressional evangelist on 
protecting critical infrastructure, 
called on U.S. civilian agencies to 
adopt the red team/blue team mod- 
el used by the defense agencies 
to test their information security 
defenses. In such tests, red teams 
are the attacking forces, and blue 
teams are the defending side. 

“The big threat to our security 
comes from hostile nation states 
that can muster sufficient resources 
to make a concerted, significant 
assault on America,” Bennett said 
last week at a conference here. The 





among the administration offi- 
cials at a national infrastruc- 
ture security conference held 
here last week that was spon- 
sored by The Institute of Inter- 
nal Auditors Inc. in Altamonte 
Springs, Fla. 

In the past several weeks, 
the Bush administration has 
embarked on two efforts aimed 
at gaining greater business 
involvement. First, it’s examin- 
ing whether the present multi- 
agency approach can effec- 
tively protect infra- 
structure. Second, it has begun 
with 


critical 
meeting businesses in 
industries such as oil and gas, 
telecommunications, trans- 
portation and finance to draft a 
new protection plan, which it 
wants completed by year’s end. 

The plan will likely 
retain some of the recommen- 
dations of the Clinton adminis- 


new 


tration’s plan. Those include 
funding for security research 
and development, regulatory 
relief and continued strength- 
ening of Information Sharing | 
and Analysis Centers (ISAC), | 
which companies can use to 
share incident reports and in- 


conference was co-sponsored by 
the Fairfax, Va.-based Armed 
Forces Communications and Elec- 


| tronics Association. 


Bennett said these foreign 
cyberattackers won't attack the 
U.S. military or its intelligence agen- 
cies, where defenses are strong, 
but instead will aim at the banking 
system and other targets. If, for ex- 
ample, cyberattackers managed to 
shut down Fedwire, the Federal Re- 
serve Board's fund transfer system, 
it could mean that “no checks will 
clear, no money can be transferred, 
no financial transactions can take 
place in the U.S. That will devas- 
tate the U.S. more than a nuclear 
device set off over a large city,” 
said Bennett. “It will cause more 
long-term havoc.” 

- Patrick Thibodeau 


formation about trends in se 
curity. ISACs have been 
up thus far in the banking, elec 
tricity, telecommunications 
and technology industries. 

Rhonda MacLean, chief in- 
formation security 
Bank of America Corp. in 
Charlotte, N.C., said the ISACs 
delivered 
value. “What I 
through that information shar- 
ing I do not believe I would 
from any other 
source,” said. “That, I 
think, really gives us a leg up in 
being aware of what is actually 
happening out there.” 

MacLean suggested that the 
industry-specific ISACs should 


set 


officer at 


business 


found 


have real 


have 


have gotten 


she 


include mechanisms for shar- 
ing information across industri- 
al sectors, adding that “there is 
commonality” among sectors. 

She also urged the strength- 
ening of federal research and 
development efforts on securi- 
ty. “Too many vendors are real- 
ly delivering us poorly devel- 
oped products,” MacLean said. 
“Not only are they full of oper- 
ational problems, but they lack 
basic security controls.” D 
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Continued from page 1 


Los Angeles 


reaching all the goals we have 


set. There’s a laundry list of 
problems.” Chick and other city 
officials noted that training, or 
1 lack thereof, seems to be the 
major cause of the problems. 
According to a memo issued 
May ll by 
Administra 


many 


the city’s Office of 


tive and Research 


Services departments 


in detailed 


reports 


new system needs to be pro 


vided” to their workers. Bob 


Jensen, assistant general man 
ager of the city’s General Ser- 
vices Department, said exten- 


Sive training programs are al- 


Continued from page | 


UCITA 


UCITA has been introduced 
this year in Arizona, Illinois, 
Texas, Maine, New Hampshire, 
Oregon and New Jersey, plus 
the District of Columbia. Op- 
ponents are particularly 
pleased about stopping UCITA 
in Texas, which was seen as a 
key battleground state because 
of its size and the concentra 
tion of big companies there on 
both the user and vendor sides 

The 
“just came from everywhere, 
May, 
counsel to John Corona, a Re- 


opposition in Texas 


said Celeste general 
publican state senator who 
sponsored the Texas version of 
UCITA. “It was basically high 
tech against everyone else.” 
About two-thirds of the state 
legislatures have completed 
their work for the year, making 
UCITA’s passage in any state 
this year unlikely, said Carol 
Ashworth, who is heading an 
anti-UCITA effort at the Amer- 
ican Library Association's of- 
fice in Washington. But Wash- 
ington Mayor Anthony 
Williams has backed UCITA, 
potential 
there is unclear. 
John Palafoutas, a 
vice president at the AEA, a 
technology industry trade 
group formerly known as the 


and the outcome 


senior 


offered on an ongoing 
» added that more 
training is planned 
The design of the new sys- 
tem and many of the employ 
ees who are using it have 
changed since the initial train 
front end 


, Chick 


ing was done at the 
of the two-year projec 
said. In addition, she said, 
some departments lack em 
ployees familiar with how “to 
run complex technology.” 
rhe city is using Pleasanton, 
-based PeopleSoft’s pro 
mana 


payable 


curement, inventory 


ment i accounts 


Che 


have “bugs like every software 


modules applications 
but we've [reported] 
PeopleSoft, 


turning 


package, 
them to and 
they’ve been good at 


them around,” said Jensen. 


American Electronics Associa 
tion, said the legislative show 
ing this year “proves the old 
adage that it’s easier to stop 
something than to pass some- 
thing.” The Washington-based 
AEA is a proponent of UCITA. 
Palafoutas attributed the 
hesitancy of states to quickly 
adopt UCITA to the length and 
complexity of the proposed 
law, although he said he was 
surprised by the intensity of 
the opposition. “I didn’t expect 


he 


it to be this impassioned 
said. “I think in the long term, 
we're going to do OK on it. It’s 
complex, and I think it’s going 
to take us some time.” 

“I think we're just begin- 


Score Card 


JCITA has been sent to all 50 
states and the District of Co- 
lumbia for adoption. 

ADOPTED 
> Virginia, Maryland 


INTRODUCED BUT GOING 
Ath seltad ee Aad 


» Arizona, Illinois, Texas, Maine, New | 


Hampshire, New Jersey, Oregon 
fe yae tls) tal 
> District of Columbia 
OUTLOOK 
»Many state legislatures meet part 
time and every other year, so adop- 


tion of uniform commercial laws is a 
lengthy process. All that’s clear at 


this point is that both sides likely face | 


NEWS 


For instance, Jensen, who's 
overseeing the project for the 
dated 


May 9 that problems with Peo 
module 


city, wrote in a 


report 
pleSoft’s inventory 


“have resulted in inaccurate 
shelf counts” of some supplies 
Manual 
the counts have since been im 
adding that 


other bugs related to receiv ing 


processes for doing 


plemented, he said, 
and_ inventory-replenishment 
procedures were almost com 
pletely resolved this month 
But Jensen said last week 
that the software bugs can take 
only part of the blame for the 
start-up pains caused by the 
“The 
nent problems have to do with 


new system. procure 
people problems,” he said. In 
noted, em 

with the 


one case, Jensen 


ployees unfamiliar 


ning,” agreed Randy Roth, di- 
rector of corporate purchasing 


at The 
Group, a UCITA opponent in 


Principal Financial 


Des Moines, Iowa. “This was 
the first year where each party 
trenched in, and now we're go 
ing to go at it for a while.” 
UCITA isn’t 
Supporters 


Even in cas, 
completely dead 
there will make an 


create an interim study 


effort to 
com 
mission to examine the pro 
posed law and to possibly rein- 
troduce it when the state legis 
lature 


which has sessions 


only every other year — meets 
again in 2003. 

In New Hampshire, another 
state where UCITA has made 
little progress so far, supporters 
aren't giving up. State Sen. Lou 
D’Allesandro, a Democrat who 
sponsored the bill, said he plans 
to bring it up again this fall. “I 
think there is a recognition that 


we need it. It’s just a case of 


how we refine it,” he said 
UCITA drafted 
years ago by the 


was two 
Chic ago- 
based National Conference of 
Commissioners on Uniform 
State Laws and sent to all 50 
states for their consideration, 
as part of an effort to develop 
uniform commercial laws eas- 
ing interstate commerce. 
Adoption by the states of such 
uniform laws can typically take 
many years. 

The legislation sets a series 
of default rules for software li- 


system populated PeopleSoft 


tables with inaccurate data, 


causing glitches 

The May 9 memo noted that 
the help desk staffers assigned 
to the inventory and procure 
ment system are “helpful, but 
their 
than 


the demand for assis- 


tance is their 


availability.” 


greater 
The 
spells out that payments to 


memo also 
suppliers are being delayed be 
cause of processing problems, 
causing departments to lose 
discounts they usually receive 
“Some [suppliers] have not 
been paid large sums of money, 
and it’s costing the taxpayers 
money,” Chick said. 

Jim McGlothlin, 


vice president for education 


regional 


and government at PeopleSoft, 


said the Los Angeles project 


transactions, but the 


censing 
rules have garnered significant 
from 


opposition consumer 


groups and many corporate 
users. The opponents, who set 
up a group called Americans 
for Fair Electronic Commerce 
Transactions earlier this year, 
claim that UCITA is too favor- 
able to software vendors. 

For example, they charge that 
the law would let vendors limit 
their liability, prohibit reverse 
engineering and shut down 
software remotely in some in- 
stances. But UCITA backers ar- 
gue that the measure has been 
misunderstood and erroneous- 
ly maligned. They say corpo- 
rate users would still be free to 
negotiate contract terms. 

UCITA has also given rise to 
a legislative countermeasure 
called a bomb shelter. States 
that approve this essentially 
give users based there the right 
to dispute a software contract 
under their home state’s law 
and not the law specified in the 
contract itself. Iowa and West 
Virginia have already adopted 
the bill, and it has also been in- 
troduced in Oregon, New York 
and Michigan. 

In addition, the state attor- 
neys general in Kansas and Ok- 
lahoma are attempting to mod- 
ify UCITA. But that effort isn’t 
winning support from UCITA 
opponents, who see it as a ven- 
dor-backed effort to win sup- 
port for the proposal. D 
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“was not an easy implementa 


tion.” The rollout of the new 
system was a relatively exten 
sive two-year project requiring 
“business process re-engineer- 
ing and lots of [internal] 
changes” by the city, he said. 

In such cases, he added, it 
becomes “incumbent on the 
adhere to the new 
Despite the bugs 
McGlothlin 


said that to his knowledge, Los 


users to 
processes.” 
cited by Jensen, 


Angeles hasn’t encountered 
any major problems with the 
PeopleSoft software. 
Public-sector ERP projects 
can be problematic because 
government agencies often are 
working on tight budgets and 
have to accept the lowest bids 
implementation 
contracts, said Joshua Green- 
baum, an analyst at Enterprise 
Applications Consulting in 


Daly City, Calif. D 


TLD Holders 
Form Group 


BY TODD R. WEISS 
A group of Internet top-level 
domain (TLD) holders 
formed a nonprofit association 
to prevent what they fear will 
become a splintered Internet 
domain naming system. 

The new group, Top Level 
Domain Association Inc., be- 
gan accepting membership ap- 
plications Saturday. 

The best-known TLDs are 
those recognized by the Inter- 
net Corporation for Assigned 
Names and Numbers (ICANN), 
including .com, .net, .edu and 
.org. But many others exist out- 
side the authority of ICANN. 

Leah Gallegos, a board mem- 
ber of the new group and presi- 
dent of AtlanticRoot Network 
Inc., said the new association is 
being created to recognize all 
TLD holders, including alterna- 
tive groups ignored by ICANN. 

Theproblem is that some of 
ICANN’s pending TLD desig- 
nations, such as .biz, are al- 
ready used as TLDs outside the 
official ICANN system. That 
will create havoc and domain 
name “collisions.” DB 


on system 


has 
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sers Tussle With Major 
Lawson App Upgrade 


Companies must choose between existing 
systems and newest version of product 


BY MARC L. SONGINI 
AWSON Sotlt- 


ware rolls out 


Version 8 


Minn.-based 
lugging Lawson 
Web 


version than its prede 


8 as a 


more 


with several enhance 
igned specifically 

inancial, professional 
ind public sectors 

or Gas 

I } 

Lawson.- 

} procurement soft- 


that it 


grade from 


to Version 7.2.3 
to complete in August 
any difficulties it 


is in the midst of 


may pose, a move to 8.0 Is a 
must, said Joe Hynes, a pro- 
the 


natural 


curement manager at 
Naperville, IL- 
gas distributor. The upgrade to 


ased 


Version 8.0 is slated for com- 
pletion by next April. 

“We'll be able to take advan 
of Lawson’s € 


tage procure 


ment services,” said Hynes 
“We'll be able to go beyond our 
client/server-based internal cat 
ilog and log in to a Web-based 
marketplace 

“This is a major release,” he 


added 


play it, we'd get blindsided.” 


‘If we started to down 


However, some users are 
waiting to see what other com 
panies do first 


“We 


first to adopt it, and we don’t 


don’t want to be the 


want to be the last, either,” said 


Microsoft Agrees to Sign 
Safe Harbor Privacy Pact 


BY LUCAS MEARIAN 
Microsoft Corp. last week said 
i join Hewlett-Packard 
Co. and other companies that 

d the US 


it woul 


Europe 


agreement on 


osoft is the 

any to sign on and 
eeded ¢ redibility to 
measure, 
framework to 

y move data 

vo marketplaces 
so promises 


gal protec 


tion of tI igreement 
has been slow, with many com 


inies taking a wait-and-see 


approach. But Jean Philippe 


Courois, president of Micro 
soft Europe, Middle East and 
Africa, said his company’s de- 
cision to adopt the agreement 
reinforces its commitment to 
our 
data 


sure they feel safe whenever 


“protect European cus 
t 


tomers and to making 
they do business with us.” 

The provision was was nego 
the Commerce De 
partment under the Clinton ad 
ministration after the European 


tiated by 


Commission issued a directive 
on data protection for its citi 
zens. When HP signed the pact 
in February, it was the largest 


company thus far to do so. B 


MOREONLINE 


rage Of privacy issues, vt 


www.computerworld.com/privacy 


Ted Denca, a deputy director 
at the Michigan Department of 
Civil Service in Lansing. 

In March, the state went live 
with the Lawson.insight 7.2.3 
human module, 
which 


benefits for 


resources 


handles payroll and 
65,000 state em 


ployees and 18,000 National 
Guardsmen. 


rior to the $47 


million im 
plementation, the state relied 
on 17 million records stored in 
six different 


systems; reports 


were paper-based and often re 


dundant. Managers can now 
access data using customized 
viewing screens and can gen 
erate and distribute reports on 
the Web. 

Michigan plans to move to 
Lawson.insight 8.0 by January 
because the new version re 
quires only a browser and no 
other client software, which 
of mainte 
nance, says Rich Huneke, di 


reduces the cost 
rector of the state’s human re 
sources management network 

Other organizations are also 
playing catch-up. “We're a lit 
tle behind the curve,” said Joe 
Lacik, CIO at Aviall Inc., a Dal- 
las-based distributor of air 
craft parts. The company now 
runs a widespread set of Law- 
son.insight 7.0.8 enterprise re 
source planning applications, 


COMPUTERWORLD May 21, 2001 


New Treats 


The following features are 
available in the Lawson.- 
insight 8 series: 


> Browser-based access to 


> Connectivity with wire- 
less devices 

» A 100% Java-based pro- 
gramming model 


» An XML-enabled interface 
» Specific enhancements for 


public-, financial- and pro- 
fessional-sector industries 


with plans to upgrade to 7.2.8 
before moving to 8.0. 
“We hope to get there as 


soon as possible,” he said. D 


Interface Designer Targets B2B Failings 


Says Web apps need 
common controls 


Mark Roison is a vice president 
at Frogdesign Inc., the Sunny- 
vale, Calif.-based company that 
designed the physical appear- 
ance of the original Macintosh 
computer and most recently 
helped hone the look 

and feel of the Win 

dows XP user inter 
face (UI). Rolson says 
Web applications pose 
difficult UI problems 
for business-to-busi- 
ness developers. Rol- 
son recently spoke 
with Computerworld’s 
Mark Hall. 


Q: What are the current 
hurdles for Ul designers? 
A: Translating the design lan- 
guage of UI design away from 
engineering-driven realities to 
user concerns 

UI precedent is set by stan 
dards being made by engineer 
ing limitations. Take the look 
and feel of Windows, 
lot of the UI treatment is there 


because the engineering has 


where a 


established the easiest way for 
a screen to be rendered. Out 
side of Windows, [in ] what 


ROLSON: Address 
site complexity by 
setting “basic but 
firm” design rules. 


part of your life would you put 
up with that kind of gray and 
flat space? Not your car. Not 
your office. SAP R3 — that was 
a milestone in UI develop 
ment. It’s one thing to take a 
small system like an MP3 play- 
er and make it sexy. But SAP 
has 50,000 apps with unique 
events in each of them. To re- 
design it is a massive, systemic 

problem. That we 

were able to do any- 
that 
naled a shift in engi- 


thing for sig- 
neering’s willingness 
to accept design as 


part of their process. 


Q: Is everything about 
UI design Web-driven 
these days? Or can IT 
developers take a cor- 
porate-centric path to 
their applications? 

A: Marketwise, a massive per- 
centage is Web-driven. We do 
that tradi- 
+ apps and are work 
think 
there’s one app that can’t talk 
via the Web. 

But remember, the Web look 
is basically just a custom look. 
Every Web site is different. It’s 
not using a standard Windows 
look and The 
have their own look and feel, 


have clients have 


tional ¢ 
ing with 


them. I don’t 


feel. controls 


and they function differently 
from site to site. 

We're spending a lot of time 
with companies, such as i2 
[Technologies Inc.], to give a 
standard look and feel to Web 
applications. A Web UI should 
follow a similar uniformity like 
Windows, although it’s not at 
all the Windows look. It’s a 
mistaken assumption that the 
Web is more usable than Win- 
dows. B2B apps are hard to use 

harder than Windows. There 
are user interaction problems 
everywhere because every- 
thing is different, whether it’s 
sorting data, searching data 
and selecting objects. You’ve 
got to learn new objects every 
time you go to a new site. 


Q: What should business-to-busi- 
ness sites do before writing code? 
A: The way to solve site com 
plexity is with standard tactics, 
the controls of objects. ... Set 
basic but firm rules designers 
follow. You 
need a common set of controls 


and developers 
so when a user learns it once, 
they’ve got it. B2B apps have 
no commonality. Each compa- 
ny should their 
common control library [and] 
share it. Sun has done this with 
the Swing library, as has SAP 
with its design library. D 


create own 
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Innovation calls for collaboration — and that means putting the 
Einsteins of your company together. Livelink® from Open Text 
is a collaborative application that brings together the best minds 


Every organization has great minds. 


in your company and connects them to your business partners 

Are you making the most of yours? | aes | 
suppliers and customers. Livelink’s dynamic collaboration allows 

you to streamline efficiencies, gain first mover advantage and 


save money. 


Livelink is already helping over four million great mind 

the way they work together. Four thousand organization 
over the world are using Livelink to develop, impleme 

bring to market new ideas—faster and more efficiently. Ca 
today at 1-800-499-6544 to find out how we can help you move 


your business further faster. 


Further Faster™ 


www.livelink.com/computerworldus 








Your 
customers, suppliers, and partners all need to work together over 
the Web. You have to make it happen. If you use BizTalk Server 
2000, you actually can. Part of the Microsoft .NET Enterprise 
Server family, BizTalk Server 2000 brings together the tools and 
services you need to rapidly integrate applications that run within 


and across organizational boundaries. 


That’s because BizTalk Server 2000 has powerful visual tools 
that fully utilize XML, allowing you to quickly design, build, and 
orchestrate all your business processes. BizTalk Orchestration 
Designer makes it possible for business analysts and developers 
to collaborate with ease. You can also generate XML document 
schemas quickly and simply with BizTalk Editor, while BizTalk 
Mapper makes it easy to visually transform one business document 
into another via XML. BizTalk 
Server 2000 also maximizes 
the value of legacy systems 
by making it easier to convert 
XML data to and from various 


structured data formats. 


To learn more about how BizTalk Server 2000 can get all your 


business processes working in harmony over the Internet, visit 


microsoft.com/biztalk 
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U.S. State Department Site Hacked: Servers Shut Down 


until early next month, after an 
unknown assailant attacked the 
site and several servers linked 
to it on May 8 


BY BRIAN SULLIVAN 
A confidential U.S. Depart 
ment of State Web site isn't ex- 


pected to be fully operational 
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The FBI and the Bureau 
of Diplomatic Security 


joined the case and are going 


point of entry, State Depart 
have | ment spokeswoman Victoria 
DeLong said. They’re also at- 


over system logs to find the | tempting to determine where 
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the attack originated, she said. 

Currently, the site is used 
by the State Department’s Of- 
fice of International Informa- 
tion Programs. Some func- 
tions, such as e-mail, are still 
available; Internet access, how- 
ever, was severed to quaran- 
tine the while officials 
investigate the attack, DeLong 
said. Quarantining a site is 
standard procedure once offi- 
cials discover that it’s been 
compromised, she explained. 

“We will not achieve full op- 
erational status for at least 
three to four weeks,” DeLong 
said last week. 

“At no time [were] any clas- 
sified materials or information 
sensitive to the conduct of na- 
tional security in danger or 
compromised,” DeLong added. 
“We don’t believe there was a 


site 


political motive. The State De- 
partment’s main Web site was 
not affected.” 

DeLong wouldn’t comment 
on whether officials believe 
the attack was carried out by a 
State Department employee. 


Opposing Views 

Richard Diamond, a spokes- 
man for House Majority Leader 
Dick Armey (R-Texas), said the 
congressman 
about the attack. Armey has 
been an outspoken critic of the 
security and privacy of U.S. 
government Web sites. 

“This is the reason and an 
example of why we have to 
focus on government security 
first — because the govern- 
ment systems are vulnerable,” 
Diamond said. “The govern- 
ment needs to learn more 
about how it can protect infor- 
mation before it can start 
telling other people how they 
should do it.” 

Peter Lindstrom, a senior 
analyst at Framingham, Mass.- 
based Hurwitz Group Inc., dis- 
agreed with the assertion that 
government sites aren’t secure 
enough. 

“In general, I think the gov- 
ernment does a great job,” 
Lindstrom said. “In many ways, 
they are like Microsoft. They 
are a huge target, and these 
guys walk around with a target 
on their foreheads. Every once 
in a while, a stray shot is going 
to hit them.” D 


was concerned 











A ) ee 


Pees Pe 


PP; eu 
lt 
fy 


Feeling the strain of heavy data demands? Store Smarter: 


Introducing Active Archive Solutions: The intelligent way to optimize database performance. 
The pain of overloaded databases: sluggish applications, frustrated end users and seething customers. Relief is 


here. Active Archive Solutions slim down databases by removing infrequently used data. Data is archived, but kept 


“active’—still easily accessed by your end users. Now you can speed up performance and maintain 24/7 availability 
without expensive upgrades. Take a load off your database. Call 800.457.7060 or visit www.storesmarter.com. 
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Hyperion to Cut Jobs 


Less than a month after reporting 
its second loss in the past three 
quarters, data analysis software 
vendor Hyperion Solutions Corp. 
last week announced plans to cut 
up to 15% of its more than 2,600- 
member workforce by the end of 
next month and said it’s also taking 
other steps to reduce spending by 
the company. The cutbacks are be- 
ing driven by the continued eco- 
nomic sluggishness and the effect 
it's having on software purchases 
by corporate users, according to 
officials at the Sunnyvale, Calif.- 
based company. 


Linux Software 
Vendor Closes Shop 


Eazel Inc. folded last week, two 
months after the launch of its first 
product: user-friendly open-source 
desktop software for Linux systems. 
In an announcement on its Web site, 
Palo Alto, Calif.-based Eazel ex- 
plained the closure, which was ef- 
fective May 15. “Our most diligent 
efforts were not sufficient to secure 
additional funding,” the announce- 
ment said. “We're disappointed that 
we can't continue developing soft- 
ware and services for users of 
open-source software. We are con- 
fident, however, that Nautilus devel- 
opment will continue forward.” 
Eazel provided open-source soft- 
ware called Nautilus for free down- 
load from its Web site. 


Networking Start-up 
Gets $38M in Funding 


Former executives from a group of 
networking and mobile communica- 
tions vendors that includes Cisco 
Systems Inc. and Nortel Networks 
Corp. are forming a start-up that 
will focus on developing a bridge 
between wireless networks and 
existing data networks and the In- 
ternet. San Jose-based Tahoe Net- 
works Inc. received $38 million in 
initial funding from venture capital 
firms Redpoint Ventures in Menlo 
Park, Calif., and Accel Partners in 
Palo Alto, Calif. 


NEWS 
Software Glitches 
Snag 3G Rollouts 


British Telecommunications latest to delay 


BY MATT HAMBLEN 
N THE RACE 
with third-generation 
(3G) 
the winner is still up in 
the air. 

British Telecommunications 

PLC (BT) last week postponed 


to be first 


wireless services, 


the launch of its first 3G net- 
work on the small Isle of Man 
in the British Isles, just three 
weeks after NTT DoCoMo Inc. 
announced it would delay to 
Oct. Lits rollout of 3G in Tokyo. 

Both companies fell victim to 
software problems involving a 
remote node controller in their 
networks. The controller does- 
n't permit users calling outside 
a single cell to move without 
losing either voice or data, ex- 
perts and BT officials said. 

BT is working with its sub- 
sidiary, Isle of Man-based Manx 
Telecom, to develop the soft- 
ware with handset maker NEC 
Corp. NEC is also working 
with NTT DoCoMo, said NTT 
officials. NEC and NTT DoCo- 
Mo are both based in Tokyo. 


“It’s a disappointment and a 
fairly glitch in the 
scheme of things,” said Roger 
Westbury, a spokesman for BT. 
“Still, the 
meant 
an unmobile mobile 


minor 


problem 
you'd have 
For more 
phone, so that’s no 

good.” munity or 


BT 
was planning to roll 


London-based 


out the service to 70,000 users 
at the end of this month, offer 
ing video and other multi 
media services over phones 
with bandwidth much higher 
than 14K bit/sec. 
But the company will postpone 
the launch until late summer 
or early fall. “We shan’t launch 
it until we're sure it’s working,” 
Westbury said. 

The NTT DoCoMo rollout 
was for 150,000 users in Tokyo 
but was replaced by an intro- 
ductory service for only 4,000, 
with the larger rollout sched- 


uled for October, company of- 


the current 


ficials said. 
Analysts said they weren't 


WOREDNINE 


our Wet 
www.computerworld.com/ 
wirelesscenter 


concerned about the glitch. “A 
technical glitch such as this is 
not something to write home 
about,” said Shiv Bakhshi, an 
analyst at Framingham, Mass.- 
based IDC. “There are differ- 
involved with 
network distribution 


ent interfaces 
content, 
and reception on the 
handsets and to get 
one to talk to another, 
which involves a 
tremendous 
of technical and busi- 
ness coordination.” 
Phil Marshall, an analyst at 
The Yankee Group in Boston, 
said the NTT DoCoMo and BT 


networks use Wideband Code 


the com 


amount 


Promises, Promises 


| as Kansas 


Global 
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Division Multiple Access net- 
works, while U.S. carriers such 
City, Mo.-based 
Sprint PCS Group and New 
York-based Verizon Communi- 
cations are developing the ser- 
vice in the narrowband Code 
Division Multiple Access net- 
work. “It’s slightly different 
technology, and we don’t ex- 
pect the same problems” with 
the U.S. carriers, Marshall said. 
Redmond, Wash.-based AT&T 
Wireless Services Inc. is using 
yet another technology, the 
System for Mobile 
Communications. 

However, Sprint and other 
carriers aren’t insulated from 
software glitches and delays, 
said Bakhshi. 

“3G is still in development, 
and these kinds of hiccups are 
to be expected,” said Charles 


| Golvin, a San Francisco-based 


analyst at Forrester Research 
Inc. “The rollout 
overhyped.” D 


has been 


< Major providers’ original and current 3G* rollout targets: 


NTT DoCoMo 

British Telecommunications 
AT&T Wireless 

Sprint PCS 


Verizon Wireless 


Late May 


Oct. 1 

Late summer/early fall 
Q3 

04 

Q4 


May 1 


Q3 
a4 
a4 


“Some vendors and analysts note that bandwidth being promised in early phases is 40K to 60K 


bit/sec. and not true 3G, with 384K bit/sec. 


Cable & Wireless to Purchase Digital Island 


Provider on lookout 
for more properties 


BY JAMES COPE 

Cable & Wireless PLC 
week dipped into the $9 billion 
in its cash coffers to buy Dig- 
ital Island Inc., a struggling 
content delivery provider that 
has some big-name clients and 


last 


| a respectable global IP infra- 


structure. 

Analysts said the $340 mil- 
lion purchase brings assurance 
to existing Digital Island cus- 
tomers that the content deliv- 


ery service provider will stay 
in business. San 
based Digital Island, which 
was founded in 1995, has yet to 
turn a profit, according to its 


Francisco- 


earnings reports. 

“The acquisition underpins 
Digital Island as a company,” 
said David Woods, managing 
e-commerce for 
markets at 


director of 


global 


financial 


Amsterdam-based ABN Amro | 


Bank NV, a Digital Island cus- 
tomer. “I see this as good 
news.” 

The move benefits Cable & 
Wireless as well, said Brown- 
lee Thomas, an analyst at Giga 


Information Group Inc. in 
Cambridge, Mass. She said 
London-based Cable & Wire- 
institutional 
have criticized the carrier for 
holding too much cash. 
Although $340 
a drop in the bucket for the 
company, she said it sends a 
signal that Cable & Wireless is 
on the prowl for acquisitions. 
| PSINet Inc., an Ashburn, Va.- 
| based service provider that’s 
| now facing bankruptcy pro- 
| ceedings, is a possible target, 
| Thomas said. She added that 
Sprint Corp. could also be on 
| Cable & Wireless’ shopping list. 


less’ investors 


million is 


“The purchase of Digital Is- 
land is right in with 
C&W’s vision of focusing only 
on those things that add value 
to its international IP net- 
work,” Thomas said, noting 
that Cable & Wireless has been 
selling off property that isn’t 
tightly oriented toward pump- 
ing revenue into its global IP 
network. 

Cable & Wireless spokes- 
man Chad Couser declined to 
comment specifically on the 
company’s acquisition targets. 

“There are a lot of good 


line 


| deals out there right now,” he 


said. “But just because we have 


| money doesn’t mean we have 


to spend it. There has to be a 


| strategic fit, value and good 
| management.” D 
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Lose the CEO Envy 


ORE DOORS MAY BE opening for CIOs, but are 
C C you sure you want to go through them?” 
That question from one of our business sto- 
ries (“Going Up?” page 38) has haunted my 
thoughts all week. As did this quote from a 


dot-com CEO and former CIO in the 
“Many IT professionals 
are exactly that — they’re IT profes- 
The point is that most tech- 
nologists don’t reach the executive 


same story: 
sionals.” 


boardroom because they lack the 
broad depth of general knowledge re- 


\@ 


quired to suc i in the top business 
spots. Well, here’s a politically incor- 
rect thought 


What we often overlook is the value 


: Is that such a bad thing? 


of deep expertise in a few areas, rather 
than a smattering of knowledge in 
everything. Would you really love be- 
ing the CEO, the ultimate generalist? When I look 
over the usual lists of qualifications for the top 
business spot, unequaled expertise in any one 
subject is never on them. Despite all the grandi 
ose talk about team building, embracing change 
and strategic vision, CEOs are ultimately judged 
on the bottom line. Yet we tend to lionize those 
C1Os who “make it,” who survive that final mile 
to the CEO suite. I suspect these folks would have 
ended up as CEOs regardless of which profession 


\| my F 
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they started out in. And best of luck to 
ail of them, especially in this econo- 
my. But why should it be a big deal 
anymore to see a top technologist in 
that spot, any more than a top finance 
or marketing executive? Companies 
that don’t value technology on an 
equal footing with finance, operations, 
and sales and marketing tend to be 
rather stupid companies. 

Of course, technology managers 
need to be business-savvy and cus- 
tomer-centric. As our columnist Peter 
GM. Keen wrote last week, dealing 
with the pervasive impact of technology has be- 
come as much the focus of IT leaders as manag- 
ing the technology itself. “IT will thrive or fail 
during the next few years on the diversity of its 
roles and responsibilities — and of its people and 
their skills,” Keen wrote [Business, May 14]. 

So if being a CEO is your dream, your technol- 
ogy background won't hold you back. But life is 
short. Do what you truly enjoy 
And let 


- even if it’s “just” 


running IT. the business-types envy you. D 
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PIMM 


What’s IT Got to 
Do With ‘Mad 
Cow’? Lots 


AVVY USE OF existing IT resources 
can be successfully applied to man- 
age complex issues without high 
costs or long deployment cycles. 
Consider some projects in the field of health. 


FOX 


The outbreak of “mad cow” disease in England 
in 1996 threw the European beef market into a 
panic. Consumers rejected meat, cattle were de- 
stroyed and millions of dollars were lost while 
governments scrambled to contain the crisis. But 
they lacked vital information about where cattle 
were bred, raised and subsequently slaughtered, 
which could have helped 
them trace the disease. 

In Germany, the chal- 
lenge of building and 
maintaining a real-time 
and their 
movements fell to Richard 
Carmanns at the Bavarian 
Ministry for Food, Agri- 
culture and Forestry in 
Munich. His deadline for 
implementing the system 
was the end of 1999, after 
which untracked meat 
couldn’t be exported to 
other European Union countries. 
member states started their projects earlier,” 
Carmanns, “but we have 16 different states in Ger- 
many, and it took time for each state to agree on a 


database of cattle 


PIMM FOX is 
Computerworld's West 
Coast bureau chief 
Contact him at pimm_fox@ 
computerworld.com. 


“Some [EU] 


says 


common process to tag and track cattle.” 

The Bavarian ministry relies on three methods 
by which farmers, cattle traders and slaughter- 
houses relay information about cattle: postcards 
that are scanned, an automated voice-response 
system and the Internet. 

When a calf is born, it receives two ear tags, 
and data (including birth date, sex, ear-tag num- 
ber of its mother and breeding farm) is entered 
into a central database. After that, even con- 
sumers can know the history of the meat they 


consume by using an ID on the package. There 


are 15 million animals registered, and last year, 
more than 40 million changes related to the lives 


| of those animals were entered in the database. 


“While the concept of tracking is simple,” says 


LATENT PALLET EEA ERIE ALOT ALY PEE AE IEE SOI OREN EET EP TICLE AE 
MOREONLINE For more Computerworld columnists and links to 
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Carmanns, “we have over 260,000 farmers, traders | 
and slaughterhouses that handle cattle.” 
And he had a limited staff and budget for the 
project. Three people planned it, and two IT per- 

sonnel handled the operation. 
“We used existing IT infrastructure to keep ex- 


penses down,” says Carmanns, alluding to a data- 
base system that distributes EU farm payments. 
“This is an extension of that IT operation.” 

About 60% of the data is entered via the Internet 
or file transfers, with 2% from the voice-response 
system and the remainder coming from postcards. 

Other IT applications underscore the feasibility 
of using existing database technology to imple- 
ment real-time tracking and retrieval. For exam- 
ple, the Minneapolis-based National Marrow 
Donor Program’s computer system tracks detailed 
patient histories and maintains a registry of 4 mil- 
lion potential unrelated donors who volunteer 
marrow and blood stem cells. 

IT projects don’t have to eat up huge budgets to 
be worthwhile or meet deadlines. These cost- 
conscious projects have proved that existing IT 
resources can be applied to related projects. D 


Prepare Your 
Company for the 
Mobile Scramble 


NYWHERE, anytime, everywhere, 
all the time. That might as well be 
the mantra for the coming decade. 
I’m talking about mobile access to your 


company’s systems from phones, Palm- 
Pilots and, perhaps someday, automobiles and 
wearable computers. 

The forecast goes like 


| Security Snake Oi 


ing the business case and 





this: By the end of the 
year, almost 25% of Inter- 
net users in Europe and 
more than 60% in Japan, 
where wireless is catching 
on fastest, will be using a 
wireless connection at 
least some of the time. 
Mobile Internet access 
will catch on slower in the 
U.S., but by this time next 
year, there will be nearly 
20 million wireless Inter- 
net users here. Within four years, 60% of ail In- 
ternet users will be mobile some of the time. 

Yet research from IDC’s massive eWorld 2001 
survey (www.idc.com/eworld200]1) indicates that 
most companies consider supporting wireless de- 
vices something that will be needed in the distant 
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future. Less than 10% of sites today support mo- 
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bile devices, even in Europe and Japan. Less than 
20% plan to add support soon. 
In short, demand will soon greatly outstrip the 


| supply of mobile Internet access and applications. 


Here’s what I think will happen: About a year 
from now, companies will wake up to the impera- 


| tive to support mobile Internet users — with re- 


mote access for wireless, content formatted for 
new form factors and new applications and ser- 


| vices for their customers — and they’ll all try to 
| move at the same time. I call this the mobile 
| scramble. There will be a lot of lousy implemen- 


tations, a lot of consulting dollars wasted and a 
lot of unhappy users, at least until companies up- 


| grade and improve their first efforts. 


I’m not saying you have to implement futuristic 
applications like the imaginary service that calls 


| you to tell you your latte is ready, but your em- 


ployees are going to want e-mail and instant mes- 
saging from their wireless phones and access to 
intranets and extranets. Your customers are going 


| to want to check account status on the road, and 


your sales force is going to want inventory status. 


| Basic bread-and-butter stuff. 


Here’s how to get ahead of the scramble: 


| Microsoft being ahead of 
the competition? 

David Werth 

| Database administrator 

| UPS Aviation Technologies 

| Salem, Ore 


some astute asser- 

tions [“The New 
Security Pro,” Technolo- 
gy, May 7], particularly 
that security profession- 
als focus too heavily on 
technology solutions 
without spending appro- 
priate time understand- 


HUCK RYAN makes | 


| For IT's Convenience? 


| ERHAPS running 
multiple, disparate 
systems isn’t impos- 


| sible, and standardization 

| is purely for the benefit 
of IT, not the users of the 

| services [“Standardizing 

| Postmerger E-Mail a 

| Headache for IT,” News, 

| April 30]. Why yank on 

| users’ productivity just to 

| make IT systems more 
manageable? 
Richard L. Gambrell 

| Director of computing systems 

| and networks 

| University of Tennessee at 

| Chattanooga 


Universal Language 


OST GERMANS 
| call the German- 
| English mixture 


referred to by Mark Hall 
[“Global Careerspeak,” 
| News Opinion, April 30] 


performing risk analysis. 
Firewalls aren’t a pana- 
cea, though they’re often 
touted as the snake oil 
that will cure all ills. 
Dan Houser, CISSP 
Columbus, Ohio 


On the Leading Edge 


CCORDING TO 
“User Worries 
Prompt New Mi- 


crosoft Attack on Open 
Source” [Computer- 


crosoft’s Craig Mundie 
“claimed that the open- 
source movement could 
result in ‘product insta- 
bility’ and ‘inherent se- 
curity risks’ for software 
users.” Another case of 


a 


| @ Get up to speed on what it will take to support 
| wireless with your internal and external Web 


| sites. Have a plan in place for when the powers 
that be suddenly make this your top priority. 

| @ Find out which firms offer what wireless Web 

| site hosting and application development ser- 


vices. At least 75% of companies will outsource 
some or all of their mobile Web sites. 
w Set up a technology evaluation unit to keep 
| track of the various standards, devices and ser- 
vices available. Remember, they’ll vary by region. 
| @ Start educating business units and management 
on the unique problems and opportunities creat- 
| ed by wireless applications. You know the list: se- 
| curity, device and user management, technical 


support, directories, etc. 


| But mostly, you'll have to fight complacency. I 
don’t think demand for wireless applications will 
evolve steadily. One day, no one will care about 
them; the next, everyone will clamor for them. 

That switch will be thrown sometime around 

| September 2002, when we hit 200 million mobile 
Internet users worldwide, or about the same 

number of Internet users in June 1999. You have 
only 16 months to prepare, so get cracking. D 


| “Ginglish.” Because most 
| software is available only 
| in English, everyone uses 
| common English terms 

| like logon, save, enter and 
file, even though these 
words have local transla 
tions. In fact, when I took 
over a product localized 
in German and English, I 
was warned not to over- 
translate. Germans were 
| so used to the English 
keywords, they had diffi- 
culty understanding the 

| German equivalents. 
Celia Redmore 

BMC Software Inc 

Atlanta 


' Containing Viruses 


HE COST OF ANY 

virus attack is 

normally far high- 
er than anyone realizes 
and can’t be measured 
only in the direct cost of 
cleanup [“Antivirus Safe- 
ty Net Has Too Many 
Holes,” Security Manag- 
er’s Journal, April 16]. 
When I worked at a 
bank, a virus infected 
word processor files and 
| changed figures in the 





text in an area that ap- 


proved loans to large 


| COrporate customers. 


The sanction letters 
were checked on-screen 
and found to be OK and 
then sent by e-mail to re- 
cipients. However, the 
virus randomly changed 
the authorized figures 
between checking the 
letters and their being 
dispatched, so the sender 
had no knowledge of the 
change. This resulted in 
wrong borrowing limits 
being applied and caused 
enormous chaos as well 


| as claims and lost inter- 


est in the millions 
M. Dickinson 
Program manager 
Riyadh, Saudi Arabia 
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Online this week: 


POINT OF VIEW 


Agility 

As applied to the computer industry, the 
concept of agility takes on a new meaning. 
Working together, Compaq and Microsoft are 
constantly eon to embody that concept. 
www.windows2000advantage.com/pov/ 
03-19-01_agility.asp 


Wesco 


The alleged Active Directory security flaw 

It was reported that Microsoft Windows 
2000 Active Directory had a security 
problem relating to the loss of certain 
group information. 
www.windows2000advantage.com/tech_edge/ 
03-12-01_visual_studio.asp 


FEATURES > 


Even happy Windows NT users say 
they will migrate 


Despite the allure of Microsoft Windows 2000, many Microsoft 
Windows NT users have developed highly functional, productive 
environments that they are content to keep for the near term. By 
continuing to support Windows NT, Microsoft is enabling these 
users to make a measured migration to Windows 2000. 


For the full story, visit: www.windows2000advantage.com/ 
features\O5-07-01_migrate.asp 


FEATURES > 


Management tools critical to scale-up and 


scale-out Windows 2000 scenarios 


c ie i 
Compa se rer exec reviews 


Hugh Jenkins, director of marketing for 


Compagq's Industry Standard Server 
Group, discusses what users expect from 
their servers and how evolving server 
technology is empowering them. 
www.windows2000advantage.com/qa/ 
03-05-01_market_trends.asp 
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Don't blame me, I’m only the operating 
system 

The failure to communicate business goals 
and the misuse of information is blamed on 
the operating system. Chris Koontz tells how 
to avoid these problems. 
www.windows2000advantage.com/columns/ 
04-23-01_0S.asp 


CASE STUDIES 


Ebone showcases Windows 2000 in a 
Compag Environment 


Ebone, Europe's original and most experi- 
enced data-only broadband optical and IP 
networking company, entered into an agree- 
ment with Microsoft and Co’ ‘ 
www.windows2000advantage.com/ 
case_studies/04-23-01_ebone.asp 


Windows 2000 users have the option of scaling up or out. No 
matter what their choice, they rely on a bevy of management 
tools that can make it a lot easier to grow. 


For the full story, visit: www.windows2000advantage.com/ 
features\04-30-01_management_tools.asp 
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Windows 2000 ships with key middleware tools 
for linking, managing distributed applications 


With Windows 2000, Microsoft has for the first time bundled 
many middleware capabilities into the operating system itself as 
tightly integrated application services, dramatically increasing 
their performance, reliability and manageability while cutting 
costs for customers. 


For the full story, visit: www.windows2000advantage.com/ 
features/04-16-01_key_middleware.asp 
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NEWS > 


Whistler renamed Windows 2002 


In an address to Gartner Inc.'s recent “Windows 2000 and Beyond” 
conference, John Enck, Gartner's research director of Server Strategies, 
revealed that Microsoft's enterprise server products, previous!y code- 
named Whistler, will be released under the name Windows 2002. 

In February, Microsoft announced the official product name of 
Windows XP, the company’s next-generation desktop operating system, 
which had previously shared the Whistler code name with the server 
products. 

Both the new server software and the desktop operating system are 
based on the strengths of the Windows 2000 code base, but they belong 
to different product families. 

According to Microsoft, Windows XP - which will come in Home 
Edition, a Professional Edition and a 64-bit version — establishes the new 
standard in power, reliability, security and simplicity for PC users. But the 
newly named Windows 2002 reflects the needs and requirements of a 
broad range of business computing requirements: small businesses and 
departmental/workgroup customer needs; enterprise customers’ quest 
for manageable, secure line-of-business systems; and Web-centric cus- 
tomers who require the highest levels of reliability and scalability. 

“Windows 2002 represents the next step in the evolution of Windows 
2000,” says Mark Perry, senior director of Windows .NET Server 
Marketing. 


For the full story, visit: www.windows2000advantage.com 


QUOTE OF THE WEEK > 


| “The Windows 2000 tools we have, such as 
BizTalk Server, have allowed us to seamlessly 
integrate into the Sun Solaris-Oracle solution 
our fulfillment partner uses.” 
— Mark Sunat 
chief technology officer 
Haystack Toy Co 
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have to offer. Toward that goal, we offer a wide range of stories 
including case studies, columns and news to provide you with 
information you can’t find anywhere else. 
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economic environment, More << liclined 
how inclined are you Inclined 25% 

to implement Microsoft 
Windows 2000? 
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The Net Result: 
Relationships 
With Customers 


T’S TRUE THAT your Internet- 

equipped customers have more infor- 

mation, more choice and more power 
and that they can jump to a competitor’s 
Web site with the click of a mouse. But 
it’s also true that you can use the Net to build 
much deeper relationships with your customers 
than has ever been possible. 

Chances are good you have a relationship with 
Amazon.com. The company has invested in cus- 
tomizing an environment for vou. You've invested 
in educating it about you, your shipping prefer- 

ences and your interests. 
In the interactive world, 
Amazon can get to know 
you, educate you and de- 
liver value-added services 
on a personal basis. It can 
e-mail you when a new 
book fits your personal 
profile. The relationship is 
mutual: You create value 
DON TAPSCOTT is 
chairman of Itemus Inc 
(www.itemus.com) and 
co-author of Digital 
Capital (Harvard 
Business School Press, 


2000). Contact him at 
dtapscott@itemus.com 


for the seller and for other 
participants by contribut- 
ing your views. You can 
establish a personal pro- 
file that includes a gift 
registry. 

oh The more time and ef- 
fort you invest, the more personal the bookstore 
becomes. You build loyalty to this company, not 
just because of the services it provides, but be- 
cause of the effort required to re-educate another 
company about you. For both buyer and seller, 
this networked relationship constitutes capital. 

Amazon.com can seek a greater share of your 
disposable income by cross-selling new products 
and services. This year, it scored 84 out of 100 on 
the American Customer Satisfaction Survey — 
the highest score ever recorded for a service com- 
pany in any industry. Because of this, Amazon is 
one of the most successful brands in the world. 
The retailer this year will serve 25 million cus- 
tomers and enjoy revenue of more than $3 billion, 
and it’s on its way to profitability. 

The wealth embedded in customer relation- 
ships is becoming more important than the capi- 
tal contained in land, buildings and even big bank 
accounts. Relationships are now assets. This rela- 
tionship capital accumulates and provides a new 
foundation for marketing and sales revenue. A 
firm’s ability to engage customers, suppliers and 


| their curricula. Vendors 

| shun the word Cobol in 

| their marketing literature, 
| even when Cobol tools are 


NEWS 


other partners in mutually beneficial value ex- 
changes determines its relationship capital 

Think your company’s product or service does- 
n’t allow an Amazon.com-like relationship? Think 
again. As the Net expands in ubiquity, functional- 
ity and bandwidth, the opportunities to establish 
deeper relationships continue to grow. 

Volkswagen operates www.radiovw.com, an 
Internet radio station that streams the catchy 
tunes VW uses in its hip television commercials. 
It also offers other tunes that were considered for 
use in the commercials but didn’t make the final 
cut. Like a tune and want to buy the CD? Drop by 
your local VW dealer and pick it up. The VW 
Web site offers a host of features that have noth- 
ing to do with running a vehicle. The intent is to 
deepen customers’ belief that VW understands 
their values. 

The customer-facing aspects of relationship 
capital require a profound rethinking of market- 
ing. For the first time, companies can forge two- 
way, interactive, personalized relationships with 
all customers on a mass scale. While the virtue of 
deep relationships was always self-evident in the- 
ory, it was rarely practical before the Net. D 


Remember Cobol? 
If You Don’t, Get 
Reacquainted 


HEN I MENTION the word 

Cobol to IT people, they look 

at me as if I just awoke froma 
20-year coma. Many IT professionals 
consider Cobol, like Latin, to be a dead 
language. But rumors of 
Cobol’s death have been 
greatly exaggerated. Com- 
panies can’t ignore their 
Cobol software assets and 
need to incorporate them 
into their IT strategies. 

IT people treat Cobol 
like a pariah. Most univer- 
sities have dropped it from : = 

WILLIAM M. ULRICH is a 
management consultant 
and President of Tactical 
Strategy Group Inc. Con- 

tact him through www. 


responsible for much of . 


| their revenue. Programmers who know Cobol 
| tend to de-emphasize it on their résumés. 


In spite of its reputation, Cobol remains a re- 
silient force in IT. Dale Vecchio, research director 
at Gartner Inc., says there are roughly 180 billion 
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lines of Cobol worldwide. This isn’t surprising, 
given that Cobol has been around for more than 
40 years. What is surprising is Gartner’s com- 
ment in a February research note stating that 15% 
of all new application functionality through 2005 
will be in Cobol. 

In the same research note, Gartner stated that 
80% of all deployed applications through 2004 
will include legacy extensions. These extensions 
involve Web-based applications triggering legacy 
system transactions that perform operational 
business functions and access legacy databases. 
In January’s issue of “The Cobol Report,” Scott 
Ankrum wrote that CICS transaction volume 
grew from 20 billion a day in 1998 to 30 billion a 
day this year. This 50% growth in mainframe 
usage has largely been driven by Web-based 
systems accessing back-end Cobol applications. 

Cobol is not only alive and well; it continues to 
evolve as well. It supports object orientation and 
Internet communication. Developers can also 
create Cobol components to run under Enterprise 
JavaBeans architectures. And Cobol remains one 
of the most portable languages. Collectively, this 
means that programmers can use Cobol for the 
development of strategic Web-based systems. 

So, Cobol is still a valuable corporate asset. 
Here are five ways IT can leverage it during the 
next decade: 

@ Protect your Cobol talent. The number of 
Cobol programmers is shrinking, with many 
headed for retirement. Consider bonus programs 
for them. 
g Inventory and document your Cobol portfolio. 
f your company loses Cobol talent, you must 
know which Cobol systems perform which busi- 
ness functions. 
@ Leverage Cobol applications as a source of 
reusable components that can be used in the de- 
sign and development of new applications. This 
may require a Cobol compiler upgrade. 
@ Make sure analysts have access to tools to help 
them analyze and upgrade Cobol systems. There 
are some good Cobol reverse-engineering tools 
that also help derive Cobol components for reuse 
under Enterprise JavaBeans architectures. 
@ Recognize the need for new Cobol skills to 
upgrade existing systems and build new function- 
ality. You may need to enhance in-house training 
programs and rethink hiring plans. 

IT may need to launch an awareness campaign 
to gain funding support for these action items. 
One way to do this is to remind management that 


the replacement cost of these systems, conserva- 


tively estimated at $25 per line of code, is typical- 


| ly in the billions of dollars. 


Cobol has outlived newer programming lan- 


| guages, hardware platforms, operating systems 


and Y2k. It’s not going away and must be lever- 


| aged to meet strategic business requirements in a 


timely and effective manner. So, revisit the role 
Cobol plays in your corporate IT plans. B 
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WIRELESS 


TRACKING 


U.S. businesses have 
steadily increased their 
use of wireless devices 
during the past few 
years, but wireless is just 
beginning to catch on 

in the supply chain. 

The early pioneers say it 
can increase efficiency 
and, eventually, bring 
about major cost 
savings. » 34 


MAKING THE 
ULTIMATE LEAP 


Not too long ago, the 
idea of a CIO making 
the move to C 

even chief operating 
officer seemed absurd. 
But as IT’s importance 
grows, such moves are 
becoming downright 
commonplace. » 38 


THE RIGHT STUFF 


Forward-thinking CIOs 
are making sure their 


IT staffers have the right | z 


technical skill mix need- 
ed to help their firms 
meet current and future 
business needs. » 44 


[5 BANKRUPTCY 
THE END? 


Bankruptcy filings are 
making plenty of head- 
lines these days, but the 
“B word” doesn’t have to 
be the kiss of death for 
companies. » 48 
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Opinion: Ed Yourdon 





BUSINESS 


ANNA KILINSKI had her pick of three 
TCS SEM UCR mes mets 
Exxon Mobil for the opportunity to 
Gea Mara mel etme lie 
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COLLEGES BURST 
WITH TT HOPEFULS 


FIRST THE GOOD NEWS: THE NUMBER OF STUDENTS in IT college degree 
programs is way up this year. Now the bad news: Even as inter- 


est grows among students, demand from corporate 
America for entry-level IT talent has plummeted, 
leaving graduates scrambling for job offers. 
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BY MARC L. SONGINI 
Aircraft parts distributor Aviall Inc. is 
cautiously spreading its wings to speed | inventory data in the supply chain, 


BUSINESS 
Companies Test Their Wireless Supply Chain Wings 


management of its customers’ | Aviall, like several other companies, is 


Introducing new Red Hat® Linux® 7.1 


Rigorously tested 2.4 kernel—Support for more memory and more devices 
Heightened security—More secure default settings and firewall configuration 


Automatic software updates—Red Hat Network Software Manager for updates 
Ma Brie eta Aree 


compuss Frigg MICO CNTR 


inventory using wireless technology. 
With the need for real-time, accurate 





turning to handheld technology [News, 
March 5]. Although mobile systems 
have been around for years, their use in 
the supply chain is just beginning to 
catch on, say observers. 

“Is it a trend? Maybe it is the begin- 
ning of one, but it looks like the wire- 
less environment is embryonic,” said 
Scott Stephens, chief technology offi- 
cer at the Supply Chain Council Inc., 
a cross-industry consortium based in 
Pittsburgh. 


Taking It Slowly 
Aviall plans to adopt wireless slowly, 
said CIO Joe Lacik. The $500 million 
Dallas-based company just this month 
launched a wireless pilot, using de- 
vices from Holtsville, N.Y.-based Sym- 
bol Technologies Inc. to speed up in- 
ventory replenishment for customers. 
Currently, Aviall salespeo- 
ple go from bin to bin in 
customers’ warehouses and 
manually check stock levels to 
see what needs to be re- 
ordered. With the new sys- 
tem, salespeople will be able 
to scan bar-code labels on 
bins to immediately deter- 
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our customers that we are continually 
finding better ways to service them.” 

Using wireless devices is helping 
Nicor Gas, a Naperville, Ill.-based nat- 
ural gas distribution company, ensure 
that warehouse personnel stick to 
formal processes. Nicor went live this 
month with a radio-frequency-based 
system using devices from TS-Tek Inc. 
in Lakewood, Colo. 

“The system gives us discipline in the 
overall materials-handling processes,” 
said Pat Loftus, a regional maintenance 
manager at Nicor. 

Personnel use bar-code scanners to 
automate generation of purchase or- 
ders and the sending and receiving of 
goods. The device beeps if inventory 
items are scanned improperly or placed 
in the wrong bin. 

The data is then fed immediately into 
Nicor’s back-end systems, ensuring that 
it has current, valid information about 
its stock levels. Previously, it could take 

two to three days to deter- 
mine the status of a piece of 
inventory. 

Nicor can also do wide- 
spread checks on inventory 
levels in a day, whereas before, 
it could take three or four days, 
which would require overtime 
for workers. The system, 


mine whether they need re- JOE LACIK: Hand- which cost less than $100,000, 
filling. All of the data is up- helds willeliminate should pay for itself within a 


loaded via the Web to the time-consuming 
Aviall back-end replenish- manual processes. 


ment and enterprise resource 

planning systems, and the fulfillment 
process can start within minutes of 
scanning. 

Eventually, the company’s larger cus- 
tomers will be able to do the scanning 
themselves, saving Aviall as much as 
$1 million per year in time and man- 
power, said Lacik. 

“That’s the tangible dollars and 


| cents,” he said. “The intangible part 


is the statement we are making to 


year, according to Loftus. 

Hunt Corp., a Philadelphia- 
based manufacturer and dis- 
tributor of office supplies, is consider- 
ing installing wireless technology in the 
company’s supply chain but hasn’t de- 
tailed any plans yet. 

Wireless could offer a faster and 
more reliable means of communication 
with supply chain customers and part- 
ners than current hard-wired Internet 


| or electronic data interchange meth- 
| ods, said Ted Raiman, a supply chain 


director at Hunt. D 


Online Woes Push Toy Retailer Into Chapter 11 


Specialty toy retailer Zany Brainy Inc. last 
week filed for Chapter 11 bankruptcy protec- 
tion due to a financial crunch caused partly 
by problems at its e-commerce unit, which 
has temporarily stopped taking orders while 
redesigning the company’s Web site. 

Tom Vellios, Zany Brainy's president and 
CEO, said in a statement that the King of 
Prussia, Pa.-based company has been 
struggling to cope with a “substantial 


investment in our Internet strategy,” as well 
as the opening of new brick-and-mortar 
stores and the acquisition of stores from a 
rival retail chain. 

The company said it has signed a deal 
to receive $115 million in debtor-in-posses- 
sion financing from Boston-based Wells 
Fargo Retail Finance LLC, subject to bank- 
ruptcy court approval. 

- Craig Stedman 
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& work the terms so that you have a very malleable 
agreement. And in IT, the more malleable your 
terms, the more technically agile you have made 
your organization. 

What kinds of technologies and structures do you need in 
order to get that multiyear view? One of the cor- 
nerstones is enterprise asset management, 


which you use to really get a picture of your 


8 & environment, and to some extent, [to] try to 
keep track of assets so that you don’t lose an 
accounting of who’s running what, where, how 
many you own, and ultimately, what it’s really 
costing you to run that environment. The back 
end, of course, is, as you retire these assets, you 
need to know where they are, how to get rid of 


oxue 


Cte tee ee ee 


them [and] that you did get rid of them 
Other structures and tools would also in 
a business strategy and an IT strategy do 
The smart way for major companies to use their mil- BEOW:  eees ment. It’s pretty tough to develop a multi 
lions in IT spending power isn’t just to hammer down vestment picture unless the business has laid the 
the price of laptops and good service contracts, accord- > Til groundwork. Organizational setup is also criti- 
cal. Many organizations still operate in a decen- 


Jon Carrow, director of global tralized fashion when it comes to IT n 


» | 


ing to IT acquisitions specialist Jon Carrow. Buyers 
who can match the expectations of business planners ize 
with the architecture being built by IT make the com- IT sourcing and acquisitions ment. While full centralization has its draw- 
pany not only efficient but also technically agile, he backs, companies that adopt a shared-services 


says. Computerworld features editor Kevin Fogarty at drug maker American IT organization with respect to the management 


caught up with Carrow for a download on how his 15- Home Products Corp. of their infrastructure and global applications 


person department in Radner, Pa., keeps IT purchasing will have a better chance than others in develop- 
agile for Madison, N.J.-based American Home Prod- Pe”. Se eee ing executable long-range planning. 
ucts Corp.'s 57-country, 35,000-user operation. 
business. If so, you can standardize that before Do you have a ballpark figure for how much this approach 
What do you mean by “technically agile”? Technical the vendor knows they’re becoming a standard saves compared with not handling IT acquisitions on 
agility is a phrase I came up with trying to wres- and leverage your price down quite a bit. You a companywide level? Well, the hard savings that 
tle with the availability and change of technolo- can get terms in your agreements that allow you we can point-blank justify without getting into 
gy — and the speed [at which] new technologies a lot of flexibility — things like platform inde- any of the soft savings is around $60 [million] 
are released. Technical agility is the ability to pendence or processor independence or version $62 million over three and a half years. 
quickly and smoothly adapt to or integrate cur- upgrades or the ability to prevent a vendor from 
rent technologies with newer, different, disrup- splitting product enhancements in two and call- | Onan IT budget of how much? My group has spent 
tive, expansive or convergent technologies. ing it two different products. You can really about $400 million over those three years. D 

The faster that technology comes out, the 
faster you need to figure out how to bring it into 
the business and make use of it to get a return 
from the technology. Companies [that can] ac- 
quire that technology in a fashion that matches 
to their business strategy and their IT strategy 
and [who can develop] a plan for the eventual 
movement off of that technology will become 
more agile in the ability to change their business 
and adapt to changes in the market. 

Behind the IT strategy, you have to have an IT 
architecture — infrastructure and tools that 
you’re assembling today — that will be one step 
ahead of where your business strategy needs to 
be. If [in planning your purchases] you're look- 
ing at a one-year picture of an environment ina 
typical budget cycle, you can’t tell what you’re 
investing in, what you’re divesting from. 

The acquisition group that works with an IT 
architecture group unfolds that one-year picture 
into a map so that you can see multiple years of 
that same picture. If you have that picture when 
you make key investments in a database strategy 
or in bandwidth, you can ask whether it’s some- 
thing you'll be growing in size, whether it’s a 
one-off project that has no other piece, or if it 
could become a potential standard within the 
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Teen Leads Software Development 
At Chicago Customer Service Firm 


interviewee: i Br 
Age: 19 
Company: | 


Main location: Chicag 
Number of IT employees: 10 
Number of employees (end 
users): 15 

When did you = — 
flow? In Mar \ 


How did you convince 
them to hire you, giv- 
en your age? “|! 


you weren’t — at 
Lightflow? “Studyir 
r science at the ian 


nally.” 
What would you do differ- 
ently if you could? “| would 


ey, but all the ext 
add up very quickly.” 
What do you see 
yourself doing in 

~_ years? “| expe 


working in the IT 


‘What It's Like 
To Work at... 


ah 
apabili 


t sco the 
t, so they 


VU JdVd 


What has been most diffi- 
cult about taking a high- 
pressure job at your age? 


“The hours are ener. 4 and 


rvous and excited 4. The best | 
j about the job is the in- 
satisfaction and adrena- 
line rush t urs during a 
suc ccesstu 0 [or] investor 
meeting.” 
College plans: To start a com- 
puter science degree at Evan- 
ston, lll.-based Northwestern 
University’s McCormick School 
of Engineering in the fall. “Edu- 
cation is the most valuable thing 
that you can have. I'll always 
keep my education up-to- ‘date 
with regard to languages.” 
What would you be doing if 


Majer IT initiatives: “We're 


n a new release of our 


IT training: “Every member of 
the product development team 
ed to become a Sun 
Certified Java Programmer.” 
Bonus programs: There are 
cash bonuses and stock op 
reaching project mile- 


stones. 


: Workday: 9 a.m. to9 p.m 


SIX Gays a Week 
The one thing everyone 


: complains about: “North- 
: Point [Digital Subscriber Line 


service] shutting down! We 
were in the middle of transition- 


: ing between two T1 lines that 
: weekend, and they were our 


backup. That ended up being a 


: long, busy weekend.” 


Last companywide/depart- 


: ment perk: “A companywide 

: margarita party two weeks ago 
: - for those of drinking age.” 

: Would employees feel com- 
: fortable e-mailing the 

: CEO? “Absolutely.” 


- Leslie Jaye Goff | 
(lgoff@ix.netcom.com) | 
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Mastering Contracts 


LMOST EVERY IT PROJECT 


TODAY includes some element of 


outsourcing — for application development, data cen- 
ter operations, Web hosting, end-user training or myri- 
ad other details. Sometimes it’s a tactical decision 


(“Quick! C 


Call ABC Rent-A-Programmer! We don’t have 


time to recruit our own Java programmers!”), and sometimes it’s 
part of a larger strategic initiative to divest the enterprise of non- 


core competencies. 
more element today’s 


We've learned a lot about outsourcing in the 
past decade, ever since we started negotiating 
outsourcing megadeals for billions of dollars 
over a 10-year period. Some of those lessons 
should be remembered in today’s post-dot-com, 
recession-wary corporate environment; other- 
wise, we may repeat the mistakes we made with 
the unrealistic outsourcing deals negotiated 
during the gloomy economic climate of 1991-92. 

First, it’s crucial to know whether you want 
the outsourcing arrangement to be tactical or 
strategic in nature. If you’re building a quick- 
and-dirty e-business application for some 
short-term need, you'll want to negotiate a deal 
that allows either party to walk away from the 
relationship after the system has been in pro- 
duction for a few months. 

But if you’re building a complex global sys- 
tem that will require ongoing hardware, soft- 
ware and technical support in 25 countries 
chances are, you'll want a relationship stable 
enough to last three to five years before you 
have to start shopping for another outsourcing 
vendor. 

In tough economic times, IT managers tend 
to negotiate outsourcing deals as aggressively 
as possible, partly because they feel they will 
motivate vendors to be more diligent 
about efficiency and productivity, 
but mostly because senior manage- 
ment will be scrutinizing every cost 
item to see whether a few more pen- 
nies can be saved. 

This is understandable, but one 
of the lessons from the ’90s is that a 
long-term outsourcing relationship 
won't be stable and healthy unless 
it’s based on a win-win approach. If 
you're negotiating an outsourcing 
deal that will last only for the dura- 
tion of a one-year development ef- 
fort, maybe you can bully the vendor 


ED YOURDON is editor of 
Cutter IT Journal, 
published by Cutter 
Consortium in Arlington, 
Mass. Contact him at 
www.yourdon.com. 


But whatever form it takes, outsourcing is one 
s project managers must master. 


into accepting terms that will actually cause it 
to lose money. But if you try to apply this strate- 
gy to a 10-year relationship, it will eventually 
backfire. You can tolerate an obnoxious date for 
one evening, but an obnoxious spouse is likely 
to cause a divorce. 

Throughout the 90s, we also believed that 
metrics were the basis for a rational, objective 
relationship with an outsourcing vendor. 
Whether you call it quality metrics, product- 
ivity metrics or service-level agreements, the 
basic idea was to quantify every relevant aspect 
of the relationship to ensure that there would 
be an objective basis for determining whether 
the vendor was doing what it promised to do. 


Get Some Advice 


Today, we realize that while metrics and 
service-level agreements are the foundation of 
a healthy relationship, they don’t guarantee that 
conflicts can be avoided. Indeed, the most im- 
portant part of your outsourcing contract is 
likely to be the section covering conflict identi- 
fication, escalation, resolution and de- 
escalation. 

Perhaps the most important development in 
the outsourcing field during the past decade 
has been the growth of a mini-indus- 
try of advisers, facilitators, lawyers 
and consultants — including former 
CIOs — who can help IT firms and 
outsourcing vendors structure and 
negotiate complex outsourcing deals 
that have the best chance of surviv- 
ing through good times and bad 
times in the years ahead. 

If you’re about to embark upon a 
large, tough outsourcing negotiation, 
you should track down some of these 
folks. It may add a few dollars to the 
outsourcing budget, but it’s probably 
the best insurance you can buy. D 
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Allin neat little packages. 


Introducing Computerworld’s Resource Centers — where you get smart fast. 


Now there's one place on the Web where you can get all 
the insightful, unbiased, award-winning editorial found in 
Computerworld — plus links to a wealth of quality tools 
Computerworld’s Resource Centers are organized into 
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A decade ago, the concept of a techie in the 
executive suite was pretty far-fetched. But today, 
[T leaders with broad visions are making the 
move not only to CIO but to the top reaches 

of their firms. 


| 
| 
| 
| 
| 
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HEN KATHERINE M. HUDSON 
started her career at East- 
man Kodak Co. 30 years 
ago, she knew the drill. 
“You got into one of those 
silos, and you worked your 
way up,” she says of the preferred 
method of ascension at the Rochester, 
N.Y.-based camera and film maker. 
“You moved up, but never across.” 

But Hudson couldn’t stop herself. 
She did a stint as a systems analyst, 
worked in finance and dabbled in pub- 
lic relations, among other things. 

Then, to her surprise, things 
changed. Hudson's broad business 
background, combined with the one 
constant in her career — her ability to 
use IT to help build Kodak’s business 
— made her the natural choice to serve 
as the company’s first CIO, in 1988. In 

1994, after being promoted to gener- 

al manager of Kodak’s print- 
ing and professional pho- 
tography divisions, 
Hudson once again 
stood out and 
made the biggest 
leap in her career: 
She was tapped 
to become CEO 
of Brady Corp., a 
$500 million sign 
and label maker in 
Milwaukee. 
“T do think it’s 
tough to run a busi- 
ness if all you’ve ever had 
is one function, whatever it 
is,” says Hudson. “The CEO’s the 
consummate generalist.” 

When MIS directors became CIOs 
and chief technology officers in the 
late 1980s and early ’90s, they joined an 
elite corps of executives responsible 
for the strategic direction of entire 
companies. But within the past few 
years, as firms have made massive in- 
vestments in technology and begun to 
gamble on new Internet-based revenue 
streams, more CIOs are following in 
Hudson's footsteps and going right to 
the top. 

Those who have made the leap 
tend to possess specific traits: finan- 
cial savvy, a broad yet clear vision for 
a company’s strategic direction, and 
a capacity for dealing with the un- 
known. But more important, they’ve 
got “it” — that innate ability tc moti- 
vate and lead a wide variety of audi- 
ences, from stockholders to workers 
to customers. 

When Brady’s board of directors cre- 
ated a three-member CEO search com- 
mittee, board member Peter J. Letten- 
berger wasn’t exactly sure what the “it 
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was that he was looking for. But he 
thought he’d know it when he saw it, 
he says. 

Then along came Hudson. The 
board was impressed with her experi- 
ence as a successful CIO, says Letten 
berger. But it was more than that. 

“Had that been her only experience, 
I don’t think she would have ever been 
presented to us,” he says. 

Hudson spoke of work being fun. She 
talked about building consensus and in- 
volving people at all levels to take new 
risks and reach new goals. She had “it.” 


EPER OF THE FLAME’ 


Historically, if you look at CEOs, 
their backgrounds tend to reflect the 
critical challenges companies are 
currently facing, says Michael L 
director of the Center for Leadership 


ee aes - 
KATHERINE HUDSON meshed her technical back 


~ BUSINESS 


and Change Management at the Uni- 
versity of Pennsylvania’s Wharton 
School in Philadelphia, and author 

of The Leadership Moment (Times 
Books/Random House, 1998). in the 
1960s, CEOs tended to rise from among 
the marketing ranks; in the ’80s, they 
typically came from finance, he says. 

“It may be that for some comp 
now, what’s become absolutely cri 
is their technology,” says Useem. 

As one of the pioneers of the CIO- 
to-CEO shift, Hudson isn’t the least bit 
surprised to hear that the number of 
people following in her footsteps is 
increasing. 

“The world has gotten more global,” 
she says. Who better to lead today than 
a CIO who has successfully coordinat- 
ed a global enterprise resource plan- 
ning system initiative? she asks. 


Wreet) eee 
abt 
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That depends on the company and 
the person, says Howard W. Lutnick, 
chairman of New York-based Cantor 
Fitzgerald LP, one of the world’s 
le fixed-income brokerages, and 
chairman and CEO of eSpeed Inc., its 
financial e-marketplace ff. 

At a technology company, the CIO 
can rise to the top because technology 
has the closest connection to the rev- 
enue, Lutnick says. But at a direct-mail 
company, for example, chances are 
good that the job will go to a marketer, 

says. So ambitious CIOs looking at 
job moves should ask whether technol- 
ogy is “in a supporting role, or does it 
have a front seat?” he adds. 

When interviewing CIO candidates 
at Cantor in 1998, Lutnick knew exactly 
what he wanted: someone who could 
move the broker: from its open-out- 


mot PUR LUM cee" LLL! experiences to become CEO of Brady Corp. 





top 
Dogs 


Other technology leaders who 
have made the leap to CEO or 

COO include the following: 
Carl Bass, formerly CTO at Autodesk 


Inc., is now CEO and president of Buzz- 
saw.com Inc. 


Robert H. Benmosche, who ran IT at 
Paine Webber Group Inc., is now CEO 
of Metropolitan Life Insurance Co. 


Jim Burns, formerly CIO of North 
American operations at Swiss Bank 
Corp. (now UBS AG) and CIO at The 
Goldman Sachs Group Inc., is now 
CEO of Itemus Inc. 


Michael Capellas, formerly ClO and 
COO at Compaq Computer Corp.., is 
now its chairman and CEO. 


Henry Fiallo, formerly ClO at Cabletron 
Systems Inc., is now president and CEO 
of Enterasys Networks Inc. 


Deborah Gillotti, formerly ClO at 
Starbucks Corp., is now C00 at 
Viathan Corp. 


Alan R. Guibord, formerly C10 at Fort 
James Corp., is now Computerworld 
Inc.’s CEO. 


Cinda A. Hallman, formerly CIO at 
Du Pont Co., is now Spherion Corp.’s 
president and CEO. 


Dennis Jones, formerly CIO at FedEx 
Corp., is now COO at Commerce 
One Inc. 


Charlie Lacefield, formerly CiO at 
Dow Corning Corp., is now president 
of Phios Corp. 


Robin Raina, formerly senior vice presi- 
dent of technology at Delphi Informa- 
tion Systems Inc., is now CEO and 
president of the company, renamed 
Ebix.com Inc. 


Glenn Renwick, formerly ClO of Pro- 
gressive Casualty Insurance Co., is 
now its CEO of insurance operations. 


Art Ryan, who rose through the IT 
ranks at The Chase Manhattan Bank 
to president, is now chairman and CEO 
of Prudential Financial. 


Diego Saenz, formerly CiO at Pepsi 
Latin America and The Wackenhut 
Corp., is now COO at PetPlace.com Inc. 


Jim Williams, formerly CIO at Pacifi- 
Care Health Systems Inc., is now presi- 
dent and CEO of Smart Chip Technolo- 
gies Inc. 


40 


cry system to an electronic trading floor 
“My view of technology develop 


ment was pretty simple. I didn’t think 


t shr log wa rocke ‘ien ey her 
technology was rocket science”; rather, 


it’s all about architecture and engineer 


ing, Lutnick says. But he says most of 
the technology executives he met tried 


i stood 


to convince him that the work 
on their shoulders 

Frederick T. Varacchi, on the other 
hand, “had very much the same view 
that I did,” Lutnick recalls. Varacchi, 


then chief technology officer at Green 
wich NatWest Capital Markets Ltd 
was able to explain exactly how his 
plans would contribute to the bottom 
line and what it would take to make 
those plans a reality, Lutnick recalls 

“I fell in love with Fred,” he says 

Varacchi is good at setting objec 
that are attainable but exciting, says 
Lutnick. As Cantor’s CIO, Varacchi not 
only automated Cantor's trading floor 
on time and on budget, but in less than 
two years, he also helped spin off 
the system into a separate company 
eSpeed, which now runs 46 different 
online marketplaces and transacts 
more than $200 billion each day 
ESpeed generated $43.1 million in 
revenue in this year’s first quarter, a 
78% gain over last year’s. 

Although Varacchi had the capacity 
to lead, Lutnick says, he was “outside 
that hub where the flame is kept.” So 
in 1999, after a year as CIO, Lutnick 
named Varacchi chief operating offi 
cer and executive managing director 
of Cantor. A year later, Varacchi took 
on the additional titles of president 
and COO of eSpeed, the company he 
helped create. Now, says Lutnick, 
“Fred has become a keeper of the 
flame.” 

Having a former IT executive as 
president places further demand on 
Joe Noviello, eSpeed’s CTO. But 
Noviello has been with Cantor for six 
years, “before Fred and after Fred,” as 
he puts it. And in those after-Fred 
years, he’s seen technology evolve 
from a filling supporting role in the 
company to being its central focus 

“It’s really the visionaries that take 
what you've established and move it to 


the next step,” Noviello says. 


READY OR NOT 


The business world might be ready 
for CIOs, but are CIOs ready for the 
business world? 

“Many IT professionals are exactly 
that — they’re IT professionals,” says 
Nicholas S. Maturo, CEO of Miami- 
based Foodtrader.com Inc. and former 
CIO at Kraft Foods International Inc 
in Rye Brook, N-Y. 


BUSINESS 


Most CIOs in multinational firms 
could never aspire to be COO or CEO 
at those companies, because they don’t 
have the broad depth of knowledge 
that CEOs need, says Maturo 

Despite the naysayers, several CIOs 
have climbed to the top of Fortune 500 
companies within the past few years. So, 
what is it that makes them stand out? 

It’s the intangibles, says Varacchi 
Leaders must have vision, focus and 
drive; they must be great taskmasters 
and, at the same time, extraordinary 
motivators, he says. A good leader 
can walk into an organization and spot 
the flaws immediately. But, he adds, 
you have to keep quiet, make a few 
wins and build a name. Once you've 
achieved that, management will trust 
you to lead significant change 

Another critical skill, he says, is the 
ability to deliver in terms of time and 
money. A good CIO or CEO constantly 
thinks, “How can I take this technology 
and morph it in 10 ways to make more 
money for the company?” he says. 

A company leader must also be 
tough when necessary, Varacchi ex 
plains. The first thing he did when he 
went to Cantor was “clean house.” 

He laid off about 200 employees and 
hired 200 new people to redirect the 
company’s focus. He also brought in a 
few people he had worked with over 
the years to spread the word that he 
wasn’t a bad guy. 

So, how does one learn such skills? 
Varacchi offers the following advice: 


Pe 


Recipe for 
Success 


Here’s what it takes to move from IT 
leader to company leader, according to 
those who have made the jump: 


Listen to and learn how to talk to your 
customers, employees, board members and 
stockholders. 


= Create a solid vision for the company and 
continually steer it in that direction. 


@ Build a strong team. 


@ Set realistic but exciting business goals to 
boost the bottom line. 


= Never implement any project or technology 
that doesn’t advance company goals. 


= Deliver on goals, on time and on budget. 

= Don't be afraid to be tough and take charge. 
wAllocate your resources wisely. = 
ore aT ieee Fecsvisuiseeiarasibeeiiass 
# Know exactly what your competition is up to. 


1 Take lessons from those you admire. 


Work with dynamic people, keep your 
goal clear and stay faithful to it, and 
educate yourself about the job, the 
company, its operations, its administra 


tion, its sales and its competition. 


NO DOT QUALMS 


In 1999, Sharon A. Fordham was pro 
moted to Nabisco Inc.'s newly created 
e-business director position, or what 
she calls “C-little-e-O.” 

Global e-business, she realized, was 
more than just a communications plat- 
form; it was also a new revenue channel 
and productivity tool. So when Ford 
ham got the opportunity to become 
“C-big-E-O” of New York-based Weight 
Watchers.com Inc., where technology is 
at the core of the business, she felt it 
was too good to pass up, she says. 

“Some would say I was off my med- 
ication,” she joked about her decision 
to join a dot-com this year. 

Fordham remains confident in her 
choice, but her challenges are extensive 
For instance, should the company invest 
in domestic growth or international 
expansion? And how much effort 
should go toward business-to-busi- 
ness initiatives? 

Having so many new responsibili 
ties, many of which are being thrust 
at her as she goes along, will probably 
be scary, Fordham acknowledges. But 
“I don’t wake up to panic attacks,” 
she says. 

“I think you have to be very comfort- 
able with uncertainty, and many peo- 
ple aren't,” she says. “If you give up 
easily, this is not the place to be. This 
is not for the meek of soul.” 

A good CIO can cut through the 
complexities of running a business, 
stand back and determine where it 
should go. “Through that process, you 
become less enamored and less tech- 
nology-centric and more customer- 
centric,” says Foodtrader.com’s Maturo. 

Hudson agrees. But the biggest chal- 
lenge for any CEO is top-line growth: 
cutting costs and coming up with new 
products and services to build revenue, 
she says. 

As long as you focus on what your 
customers really want, you can grow a 
company, Hudson says. At Kodak, for 
instance, customers don’t want film, 
they want pictures, so the company de- 
veloped its digital camera line. 

The key, she says, is to surround 
yourself with a team of people who 
can help build new businesses. 

“The days of the Lone Ranger are 
gone,” she says. Nevertheless, as CEO, 
“the buck stops here,” says Hudson. “If 
all this stuff doesn’t work out, I’m the 
one that gets fired.” D 
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Price of 
» 

Success 
SUCCES 
More doors may be opening for CiOs, 
but are you sure you want to go 
through them? 

Frederick Varacchi, president and 
COO of eSpeed, says he realized just 
how high the price of success was 
when his wife, Eileen, gave birth to 
their third child on Nov. 15, 1999. Three 
days later, he headed out for the com- 
pany’s first initial public offering road 
show, which turned out to be a three- 
week-long gig. 

Varacchi says that if it weren’t for 
his wife, he’d never be able to do his 
job. “She is overwhelmingly supportive 
of my career,” he says. 

Still, like most parents, Varacchi 
says he wants “to spend more time 
with my kids. It’s a balancing act.” 

To do this, he tries to stick to a few 
hard-and-fast rules when it comes to 
family: Weekends are for the kids (ages 
7, 5 and 1); you always try to make the 
big events, like sports games and class 
plays; and, most important, “you try 
never, ever to let your kids down.” 

To balance out the long hours he 
puts in at the office, Varacchi makes 
the time to coach both his son’s and 
daughter’s soccer teams in the fall 
and his son’s lacrosse team in the 
spring. 

Katherine Hudson, CEO of Brady 
Corp., says she tries hard not to let her 
job take control of her life. There are 
times when the company has to come 
first, she says, but in generai, it’s not 
healthy to put it ahead of family needs. 

“CEOs work 24/7,” she says. But 
Hudson says she tries to limit her actu- 
al work hours to about 55 to 60 per 
week. And on vacation, she takes a 
fishing rod, not her laptop. 

Hudson’s life as an executive mom 
is made somewhat easier because her 
husband is a stay-at-home spouse who 
cares for their 13-year-old son, she says. 

Some IT leaders who have become 
company leaders find their new roles 
to be more flexible than previous 
ones. For instance, Nicholas Maturo, 
CEO of Foodtrader.com, bounced be- 
tween the U.S., Europe and Asia dur- 
ing his years as CIO at Kraft Foods 
International. 

“1 don’t think this is really any more 
demanding than my prior jobs,” he 
says. “I dragged my wife and children 
around the world. This is just another 
assignment.” 


- Melissa Solomon 









What if your network 
were fully adjustable? 
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HIGH SPEED PACKET SERVICES. When record demand for office furniture 
boosted data traffic and internal applications requirements, Steelcase 
needed more power and flexibility from their existing network. So AT&T 
Business augmented it with Integrated Network Connection Service, 
which dynamically allocates bandwidth to voice and data applications. 
Now Steelcase has the networking power they need, where and when 
they need it. And they're saving money in the bargain. You could say that 
when it comes to networking, they’re really sitting pretty: 


ATsT Business 
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Find out how High Speed Packet Services can speed up your business. 
Call 1 866 877-7115 or visit www.att.com/business/speed 
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The company 


continues to grow and grow. Its data needs sho 

letting up. A big deal, for sure—but nothing you 

That’s because SQL Server 2000 offers scalability for even tt 
most demanding environments. So you know that no matter 
how much—or how fast—your company needs to expand, you'l 


always have the tools to handle it. 


Part of the flexible Microsoft .NET Enterprise Server famil 
SQL Server 2000 allows you to scale up to 32 processors and 64 
gigabytes of RAM. With it you can also scale out, distributing your 
workload among a group 
of servers, making it easier 
to add capacity according 
to your needs. SQL Server 
2000 makes the most of 
whatever single server you 
install it on. And as demand goes up, you can simply distribute the 


workload across multiple machines for near limitless scalability 


The result? Scalability on demand. No wonder everyone’s so calm 


To get even more of the SQL Server 2000 scalability story, visit 


microsoft.com/sql 





HANGES FASTER 
than IT. With all the new 


technologies and technology 


OTHING ¢ 


trends on the horizon, how do 
CIOs decide which offer the 
best business value for their companies 
and how to retool their people in time 
to take advantage? 
Below, three CIOs discuss their dif- 
fering approaches, which reflect the 


particular challenges each faces 


Advocacy Approach 

PRC Inc., a McLean, Va.-based sub- 
sidiary of Northrop Grumman Corp., 
uses a process called Tech Watch to 
identify useful technologies, jump- 
start projects and re-skill people. 

An architectural lead team watches 
emerging technologies, maps them to 
the appropriate architectural 
groups and numerically rates 
them for impact on the business, 
cost to implement and readiness 
for deployment (see chart). 

‘The smaller the final number, 
the more likely it is we'll be using it,” 
explains Cora Carmody, former CIO at 
PRC. (Carmody recently left PRC to 
become vice president and CIO at 
Herndon, Va.-based Invensys Software 
Systems, a division of Invensys PLC.) 

The top 10 on the current Tech 
Watch list 
change at a moment’s notice,” Car- 

— are Linux, XML, data 


which is “subject to 


mody cautions 


WATCH 
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inalysis/decision support, enterprise 
portals, business-to-business e-com- 
merce, text analysis, customer relation- 
ship management, workflow engines, 
wireless Web protocols and Digital 
Subscriber Lines/cable modems. 

Once Tech Watch charts an emerg 
ing technology, anyone from the IT 
organization can volunteer to be an 
advocate for it. (During Carmody’s 
tenure, if no advocates came forward, 
she encouraged individuals to take the 
lead.) The advocate learns about the 
technology and the vendors and thinks 
about how it can make a difference to 
the company. 

“We've got advocates at all levels,” 
she says. “We see it as another way 
to bring people along, give them an 
opportunity to explore something 
and push them further.” 

Typically, the advocate finds 
others with an interest in the 
subject, and they begin to share 
information and build a techni 
cal knowledge base. The advocate may 
also attend seminars or buy inexpen- 
sive tools to learn more. In time, he 
may present a primer on the topic at a 
brown-bag lunch, an informal training 
opportunity that’s popular at PRC. 

The advocate typically will propose 
a pilot program to a manager in one 
of the architecture groups to which 
the technology maps. He can choose to 
become part of the pilot project, there- 


by working into a new job in the new 
technology area. The manager may 
send him, along with high-potential 
people in his department, to formal 
training in the technology in prepara- 
tion for the project. 

Using this approach, Carmody’s 
group recently implemented business- 
to-business e-commerce software from 
Mountain View, Calif.-based Ariba Inc. 
and realized the tool could also help 
with internal electronic purchasing. 
he group used the Ariba workflow 
engine to automate internal authoriza- 


tion and purchase processes via e-mail. 


The new system allowed PRC to cut 
its internal procurement cycle from 16 
days to less than two while decreasing 
procurement staff. “Think about the 
savings,” Carmody says. 

There are exceptions to the advo- 
cacy process when it involves a tech- 
nology that will have a huge impact. 
“For something like PeopleSoft, we’re 
not talking little seminars. We'd need 
some very serious training and invest- 
ment,” Carmody says. In that case, she 
would choose people based on past 
performance and familiarity with the 
business functions involved, such as 
human resources and accounting for 
an enterprise resource planning sys- 
tem like the one from Pleasanton, 
Calif.-based PeopleSoft Inc. 

In general, Tech Watch keeps the 
company on top of emerging technolo- 
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gies while enabling people to navigate 
their careers based on interests and 
initiative. “Everybody is challenged to 
take responsibility for his or her career 
and is given a lot of encouragement,” 
Carmody says. 


Everything Old Is New Again 


At State Street Corp. in Boston, CIO 
John Fiore is in the midst of an initia- 
tive to add contemporary software 
skills to the repertoire of his main- 
frame staffers while upgrading his 
mainframes with powerful new open- 
systems tools. Fiore says the main- 
frame/open-systems integration 
should give the bank the best of 
both worlds: new tools and languages 
adapted for stable, scalable mainframe 
systems. In addition, the move should 
enable legacy developers to pick up 
new skills while working on a platform 
they’re familiar with. 

During the past five years, the bank 
has added browser-based technology 
to the front end of its systems. Fiore 
chose mainframe staffers to help, 
based on their performance and sub- 
ject-matter expertise in the area under 
construction. He then immersed them 
in a comprehensive in-house curricu- 
lum ranging from object-oriented 
tools to Internet technologies. After 
that, the staffers were seeded to work 
among new hires chosen for their 
open-systems expertise. 


Three ClOs share the methods they use to keep up with technology 
and ensure that their IT staffs have the right blend of skills to meet 
current and future business needs. By Kathleen Melymuka 


SAILLS FOR 
TOMORROW 
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Although the plan has worked pretty 
well, Fiore acknowledges that certain 
delays and initial performance prob 
lems with the new front ends could 
have been avoided had he given people 
more time to learn the skills and apply 
them on smaller, less-critical systems 
to go back for retraining and only then 
to work on the critical applications. 

“Of course, that’s easy to say, but 
time is not always a luxury we have,” 
he says. 

Those lessons will be put to use 
as the bank gradually integrates lan 
guages such as Java and C, relational 
database technologies, TCP/IP and 
Web server software, which used to 
be available only in the open-systems 
environment, into its OS/390 platform. 

The initiative began with a series of 
feasibility studies to assess when the 
new technologies were “ready for 
prime time.” TCP/IP, for example, ini- 
tially had some performance problems 
running on the mainframe. 

As technologies mature, Fiore plans 
to integrate them into the mainframe 
systems to dovetail with other activi- 
ties. For example, if a major new com- 
ponent is being built for a system, he 
may introduce just-in-time training 
for Java or C tools to help with that 
development. 

Since new technologies will be in- 
troduced at different points based on 
their readiness for use and internal 


WHEN SHE WAS CIO AT PRC, Cora Carmody oversaw a process where IT professionals identify useful technologies 
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XML 
Text analysis 


Data analysis, 
decision support 


Data/knowledge 
Data/knowledge 
Data/knowledge 


Content based 
on retrieval 


Data/knowledge 


Audio mining Data/knowledge 


development plans, the staff should 
have time to digest the new tools and 
concepts one at a time, without suffer- 
ing the overload that slowed the front- 
end systems development, he says. 


Look Before You Leap 

Sometimes the best decision about a 
new technology is not to deploy it, says 
Ron Griffin, CIO at The Home Depot 
Inc. in Atlanta. 

“We bypassed most of the client 


mnartic oynerte off 
L IS Expectec 


/echnoiogies with the iowest ov 
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es 
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server platform, which was the Holy 
Grail at the time,”Griffin recalls, 
because IT management determined 
that it would increase total cost of 
ownership. 

Every few years, Griffin says he 
re-evaluates Home Depot’s overall 
infrastructure, tools, technology and 
approach, looking for seismic shifts 
that offer low cost of ownership, man- 
ageable life cycles and huge benefits. 
But to be worth retooling, “it has to be 
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a quantum leap,” he says 

During the 1990s, the technologies 
that best fit the home improver 
giant’s criteria were TCP/IP a 
To retool, Griffin hired a handful of 
people with deep expertise who liked 
coaching and teaching others 

He also leveraged Home Depot’s re 
lationship with Sun Microsystems In¢ 
“Sun had created Java and was growi 
it, so they partnered with us to get the 
organization up to speed, shared their 
expertise and their road map for the 
technology,” recalls Danny Br 
vice president of information ser 


“It was advantageous to both of 


we succeed with Java.” 

Home Depot developed trait 
classes and literally paused projects 
after the requirements phase t« 
novices to be trained just in time 

“We try to make sure we’ve always 
got deep expertise on the team and 
some people who are learning so peo- 
ple grow and expand their knowledge 
base,” Griffin says. “A good percentage 
of our people have multiple platform 
skills because of this approach.” 

Griffin says passing on client/server 
and diving into Java was the right deci- 
sion. “It feels like we have the best of 
both worlds: graphical applications 
without all the client/server overhead,” 
he explains. “Every new application 
for the last five years has been lever- 
aging that.” D 


jump-start projects 


and re-skill people. Carmody saw it “as another way to bring people along, give them an opportunity to explore something and PTS Om Um atic ig 
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Enrollments and graduation numbers are way up for 
MIS and CIS degrees this year. But at the same time, 
campus recruiting is de sclining. By Leslie Jaye Goff 


A BUMPER CROP 


OF IT ROOKIES 


ANNA KILINSKI had her pick of three - 
CS MCE ESB mela) : i 
Exxon Mobil for the chance to work at the ¥ 

top-ranking company in the Fortune 500. 


HEN SCHOOL LETS OUT for summer 
break, Anna Kilinski won't be head- 
ing for Cancun or Daytona or even 
for home. She'll be off to Fairfax, 
4., to start asummer IT internship 
at Exxon Mobil Corp. 
Kilinski had her pick of three internships. She says 


| she chose Irving, Texas-based Exxon Mobil for the 


chance to work at the top-ranking company in the 
Fortune 500. Kilinski can even recite all the leaders on 


| the annual listing. This will be her second summer in- 


| ternship, following a stint last summer at Kimberly- 
| Clark Corp. in Roswell, Ga. 


One of 300 stude nrolled in the MIS degree pro- 
gram at the University of Alabama’s Culverhouse Col- 
lege of Commerce and Business Administration in 
Tuscaloosa, Kilinski is among the growing number of 


| students enrolled nationwide in business-school pro- 


grams for management information systems or com- 
puter information systems. 

Despite cries from industry observers that univer- 
sities aren’t producing enough IT graduates to meet 


| the demand, the number of students enterin 
| graduating from — business-school MIS/ 
| programs is rising and has been for the past five 


years. The demand may outweigh the supply, but sta- 


| tistics from the Washington-based National Center 


for Education Statistics (NCES) and schools polled 
for this article indicate that business-student interest 
in IT careers is rapidly growing. 

“We’re at 300 students and holding, and we could 
double that easily, if we wanted to,” says Joanne Hale, 


assistant professor of management and information 


systems at the University of Alabama. “But our pro- 
gram is very project-intensive, starting with the 
sophomore year, and we couldn’t keep up our quality 
if we raised our enrollment cap.” 

Approximately 100 students graduated from Alaba- 
ma’s MIS program in the 2000-01 academic year, says 
Hale. Even with the enrollment caps, that’s up from 75 
graduates five years ago, and enrollment has in- 
creased from 206 in the same period in 1996-97. 

At Southwest Missouri State University (SMSU) in 
Springfield, enrollment in the College of Business Ad- 
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ministration’s Department of Computer Information 
Systems has approximately doubled in five years, 

from 539 students in 1996-97 to 1,062 this year. David 
Meinert, a 


ticipates that 198 students will graduate with the CIS 


professor and student adviser, says he an 


degree this year, up from 72 five years ago. 
The increase at SMSU has been driven by students 
transferring from other majors, as well as career- 
changers “who feel unfulfilled and come back to pur- 
Meinert says. 
“They like solving problems, and they 
work hard but expect to be recognized for de- 
livering,” he adds. “And most of them are in- 
terested in professional development, how 


sue their dreams,” 


they can become better IT professionals. 
They want continued training and to work on 
cool projects with emerging technologies.” 
he figures from the University of Alaba- 
ma and SMSU correspond with national fig- 
ures released by the NCES. From the 1996-97 
academic year to 1997-98 (the most recent data avail 
able), the number of bachelor’s degrees awarded in 
business information systems programs grew from 


7,048 to 9,393. Looking back over the 1990s, it reflects 


a continuation of an upward climb. 

As the number of enrollments in business-school 
IT undergraduate programs increases, the schools 
are turning out graduates who, like Kilinski, are in- 
creasingly exposed to real-world experience, hands- 


on use of technologies, completed live projects and a 


MORE 


www.computerworld. 
com/careers 
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solid foundation in both theory and applied IT. At 
the University of Alabama, for example, 
to 80% 
ship by the time they graduate, Hale says. 

Kilinski says she was surprised to see how much 
she knew once she was on the job. She says it demon- 


pproxi- 


mately 75° of students have oats an intern- 


strates how well p 
at Kimberly-Clark 
Only the scale of proje 


repared she was for her internship 


»cts was different, she says. 
For example, instead of using test data in school for 
an application to serve 100 customers, she 
was contributing to applications “servicing 
millions of customers” during her internship 
(see interview below). 

Computer science enrollments fell by 22% 
in the decade between the 1987-88 and 1997- 
98 school years, according to the NCES. But 
they’re definitely on the rebound. The Com- 
puting Research Association in Washington, 
which conducts an annual study of enroll- 
ments at schools offering bachelor’s, master’s and 
Ph.D.’s in computer science, found that 79,311 stu- 
dents enrolled in computer science and computer 


engineering programs this year, up 17% from last year. 
One school where enrollments reflect that trend is 
-urdue University, home of the first computer sci- 
ence degree program, which was established in 1962. 
The West Lafayette, Ind.-based school has more than 
doubled its number of computer science graduates in 
the past five years, from 80 in 1996-97 to a projected 


ITS Future Is in Good Hands 


Student Anna Kilinski already has a cl 


Q: Why did you choose an IT degree? 
A: | started out as a health care management major. My brother 
sparked my interest in IT, and | did some research and found 
that even with a business degree, a computer science minor 
gives you a competitive edge 

So | started a computer science minor, and | realized | want- 
ed to [pursue] the business aspects along with technology. | did 
some more research into what kind of growth there would be for 
IT, and it was very obvious that the demand would be growing 
well into 2010. So | switched into the MIS program at the end of 
my sophomore year. 

| wanted something that would challenge me to constantly 
learn. There isn’t one point in this program where you can get 
comfortable, because it’s constantly changing. It was definitely 
a change of pace from other courses | had taken - from working 
on my own to working on team-oriented projects where your 
decisions rely on those of two to 15 other classmates 


Q: How well do you feel your program has prepared you 
for an IT career? 

A: Exceptionally well. The list is endiess: interpersonal skills 
project management, hands-on experience, professionalism, 
learning to work with different people with different back- 
grounds and career goals. I'm working with three international 
students on my [senior project] team now. And I've been able to 
overcome communication barriers with them, for example. 

The projects I've worked on have been of tremendous educa- 
tional value. You have live clients with real deadlines and real 
funding. The program has allocated two labs for MIS students 
only, where we can go in and work on prototypes. We have mil- 
lions of dollars worth of software at our disposal. 


ear vision of how she wants to leave her career mark. 


Also, you get the opportunity to work with AIMS. That pro- 
gram has allowed me, on a personal level, to develop my net- 
working skills. You get to talk to ClOs, CFOs and HR people at 
Fortune 500 companies. We have them come once a week to 
talk about their IT projects, atmosphere, etc. We get to talk to 
them [on a] one-on-one level, so it opens the channel of com- 
munication [with potential employers] 


Q: What impact have your internships had on you? 
A: With each internship, you get to try a new industry, new 
technologies, a new town, a new job description. They're like lit- 
tle snapshots of what your career could be like. You can [assess 
whether] you see yourself doing this for a long time. You learn 
to assimilate to the corporate environment 

[At Kimberly-Clark] | was surprised to realize how much I'd 
actually learned in school and actually knew, once | started us 
ing my skills on the job every day. | think | knew what | was get 
ting into, but on a different scale 

The projects | worked on were similar to things I've done in 
school. But instead of using test data for maybe 100 customers, 
they were projects servicing millions of customers. | think the 
internship experience will be a differentiator when | hit the job 
market. 


Q: What do you expect from your IT career? 

A: At some point, I'll have the opportunity to stay on a technical 
track or go more into the business and management side. | 
think I'd enjoy project management. | see myself more involved 
in the aspect of helping people apply technology solutions and 
helping them walk through projects. And !'m excited about the 
opportunities for career-long learning. 


180 this year, says Ahmed Sameh, head of the 
puter science department. 

The increases in MIS/CIS and computer s« 
graduates would typically be greeted as good n 
for the IT supply-and-demand gap. But with the 
nomic downturn and the rise in U.S. unemployment 
to 4.5% in April, campus recruiting has slowed some 
At the University of A 
about 10% of this year’s MIS graduates 


what, professors say. 
for example, 
were still awaiting job offers in mid-April, Hale says 

“Last year, 100% of our graduates were placed by 
graduation; this year, I can confidently say 95% will 
be placed,” she adds. “That’s a softening for us.” 

Similarly, a handful of the 50 to 60 firms that regu- 
larly recruit from SMSU have told Meiner 
they’ll be seeking fewer graduates next fal 
have in the past. 

“One has reported a hiring freeze, 
have indicated that their high-priority projects are 
not at the entry level,” Meinert says. Nonet 
says, he expects graduate placement levels this year 
and next to remain consistent with previous levels 
For the past several years, SMSU has conducted sur- 
veys of former students 90 to 120 days after gradu 


| than they 
and a number 


heless, he 


tion. The results of the most recent survey show th 
92% of the graduates from the past several years 

have full-time jobs, 5% 
are no longer alten or didn’t respond. D 


are in graduate school ar 


Goffis a freelance writer in New York. 


Name: Anna Kilinski 


Degree/school: Bachelor of business administra- 
tion in MIS, Culverhouse College of Commerce and 
Business Administration at the University of Alabama 
in Tuscaloosa 


Activities: President of the Alabama Information 
Management Society (AIMS), a student profession- 
al association, for the 2000-01 academic year 


Internships: Kimberly-Clark in Roswell, Ga., 
summer 2000; Exxon Mobil in Fairfax, Va., summer 
2001 


Graduation date: December 2001 


WHO SHE IS 


balance. | k 
will want 
here talk about flext 

| know there will be long h 
70 hours some weeks and 40 h 
off is you get more money in 
that, because of the deman 
and choose more ‘ 


Q: What are your career goals for the next on om 
A: | don’t want to set a [salary because that will ct 
Consulting is something | find int ng, although | wouldr 
it forever because of the travel 

Eventually, within 10 years, | think I'd like to settle down with 
a retail business. | just want to make sure my career is limitless 
with advancement, that | progress not because I've been there 
xyears but because I’m working hard and learning and being 
recognized for the contributions that I'm making. 

- Leslie Jaye Goff 





BY CHRISTIE TAYLOR 
EFORE UNIFI Com- 
munications filed 
for Chapter 11 bank- 
ruptcy 
1999, 


in 
the 
team 


January 
account 
the 
company was in distress. Open 


management knew 


positions at the Burlington, 


Mass.-based telecommunica- 
tions firm weren't being filled, 
barbe- 


and Friday afternoon 


cues were a distant 


We're 


round of funding” 


memory. 


looking for another 
was the oft- 
spoken phrase heard the 
halls the 


Chapter ll proceedings 


in 
during company’s 

Unifi’s business model was 
centered around quick deliv- 
ery of secured faxes. But when 
the Internet emerged, Unifi 
was sent packing. 

“We gave as much advance 
notice as we knew,” says Tricia 
Forrester, who was a human re 
sources benefits specialist at 
Unifi during the bankruptcy. 
“We didn’t know whether last- 
minute deals would’ go 
through, but once we knew the 
company had decided to dis 
solve, we let employees know.” 


Glimmer of Hope 

But before employees hear 
the “B” 
bling for the door, they should 
realize that facing Chapter Il 


word and start scram 


isn’t the worst place to be. Un- 
like Chapter 7, 
hope under Chapter 11. 

If a bank, venture capital 
firm or other lender thinks a 
company has enough staying 


there’s some 


power to make an injection of 


money worthwhile, it provides 
known as debtor-in- 
(DIP) 
These lenders are at the 
the list come payback 
DIP financing is what 


what’s 
possession financing. 
time. 
many 
struggling dot-coms are vying 
for today. 

“Think of Chapter ll as a 
game of tennis in which the 
corporation has a right 
serve,” says Harvard Business 
School professor Stuart Gilson. 


to 
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Bankruptcy 


Bankruptcy affects companies that don’t have the cash 
to pay their debts, but it doesn't have to be a kiss of 
death. In Chapter 7 bankruptcy, a company goes out 
of business, sells its assets and pays off creditors un- 
der the direction of a court-appointed trustee. In 
Chapter 1] bankruptcy, the company remains in opera- 
tion and tries to reorganize or liquidate its assets. 


“In the game of bankruptcy, 
management gets to serve the 
ball until it gets it over the net. 

“[U.S. bankruptcy laws] op- 
erate under the presumption 
that a company is worth more 
alive than dead and that if you 
can give that company some 
breathing room, sometimes it 
will turn around,” Gilson adds. 

In Chapter ll proceedings, a 
company’s management has 
120 days to come up with a so- 
lution for resolving its debt. 
(During this time, there’s often 
a change in management.) 
Creditors then have 60 days to 
either vote in favor of the plan 
or send management back to 
come up with a new approach. 

But high-tech 
face an unpredictable set of 
circumstances when it comes 


companies 


to seeking cash _ injections: 
rheir primary assets can walk 
right out the door. 

In more traditional markets, 
companies filing for bankrupt- 
list equipment and 
products as their assets. But 


when an idea-based outfit like 


cy can 


a high-tech company is forced 
to shut its doors, payback gets 
a little more complicated. 

“For those companies who 
have people with ideas, credi- 
tors seeking recovery in a typi- 
cal software high-tech distress 
situation may find trouble cre- 
ating value out of assets,” says 
Jeff Spiers, a bankruptcy attor- 
ney at the Houston office of 


Andrews & Kurth LLP. “The 
reason being, assets are imbed- 
ded in people’s brains. And in 
dentured servitude went out 
with the Emancipation Procla 
mation.” 

When 
ion Web site Boo.com folded 


London-based _fash- 
last summer, it faced the same 
problems that companies such 
as Santa Monica, 
DrKoop.com Inc. 


Calif.-based 


face right 


[Bankruptcy 
laws assume] 
that a company 
is worth more 
alive than dead. 
STUART GILSON, 


PROFESSOR, 
HARVARD BUSINESS SCHOOL 


now: how to capitalize on in- 
tangible assets. Boo.com sold 
its software and intellectual 
property, but at a price greatly 
reduced from its development 
costs. Most of the information 
was in the brains of its soft- 
ware developers. 

Waltham, Mass.-based Toys- 
mart.com Inc. tried to address 
this problem during its liquida- 
tion last summer by attempt- 
ing to sell its customer list, one 
of its few tangible assets. But 
that resulted in a battle with 
the Federal Trade 
sion, which accused Toysmart 
of violating its privacy policy. 


Commis- 


In that policy, Toysmart as- 
sured customers that it would- 
n’t share their personal infor- 
mation with third parties. 

“For high-tech companies, 
Chapter 7 is more common 
than Chapter ll because your 
value tends to walk out the 
door,” says Gilson. And “when 
that value leaves, there’s less 
available to support reorgani- 
zation,” he explains. 


Still Playing 


Even companies that don’t 
produce a high-tech product 
have about 
their tech-minded employees. 

In February, Loews Cineplex 
Entertainment Corp. in New 
York filed for Chapter 11 bank- 
ruptcy protection and an- 
nounced it would close 23 the- 


to be concerned 


| atres in Canada. The company 


COMPUTERWORLD May 21, 2001 


had already closed 164 screens 
at 34 locations between March 
and November 1999, 

However, it’s still business as 
usual for the IT department, 
according to Mindy Tucker, 
of strategic 
planning at Loews. 


vice president 

“During our Chapter ll, we 
continue to pay our employees 
and they continue to have the 
same benefits they’ve always 
had,” she says. “The employees 
that are being impacted the 
most are those in the theaters 
that are closing.” 

Although IT 
might find comfort in the fact 
that their skills are in demand, 


employ ees 


morale is bound to waver as 
they watch co-workers get laid 
off. It takes faith and loyalty to 
continue working for a compa- 
ny as its stock price nose-dives 

especially if employee com- 
pensation packages include 
stock options. 

When a company is paying 
back its creditors during a 
Chapter ll bankruptcy case, or- 
ganizations that are typically 
paid back first include banks, 
other lenders and insurance 
companies. Those administer- 
ing the bankruptcy proceed- 
ings come next, with stock- 
holders (including employees) 
last in line. 

Employees are given priority 
when it comes to wage com- 
pensation. Bankruptcy laws al- 
lot $4,300 per employee for 
anything earned within 90 
days of a firm’s bankruptcy. 

Employees of companies 
that are facing bankruptcy also 
need to think about health in- 
surance, 401(k) distributions 
and life insurance. “Once a 
company stops sponsoring [in- 
surance plans], it usually lets 
employees know right away,” 
says Unifi’s Forrester. “No 
company wants to drop a 
bomb like that.” D 
Taylor is a freelance writer 
in Houston. Contact her at 
annactaylor@msn.com. 
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Leasing’s Different 
When It’s Laptops 


APTOPS ARE INCREASINGLY USED in today’s mobile work- 
force computing environment, and in corporate Amer- 
ica, a good percentage of them are leased. 
Many laptop lessors start with a traditional lease 
originally drafted for mainframe leasing and try to make it 
work for laptops. But watch out! 


There are 10 traditional 
leasing provisions that should 
be treated differently with lap- 
tops. Neglecting to make these 
changes can make it difficult 
to live up to the letter of a lap- 
top lease and can even techni- 
cally place you in default of a 
leasing agreement. To avoid 
ugly complications, ask your 
lessor for contract changes re- 
garding the following topics: 
= Relocation without approval. 
Laptops can move around an 
organization and the world, 
so it’s essential to get rid of 
the lessor’s right to approve 
a location change. 

w Equipment tagging. Lessors 


want you to tag the equipment 


with their ownership labels 
and usually provide the tags 


Airline to Offer 
Wireless Ticketing 


JetBlue Airways Corp. announced 
that it will allow passengers flying 
out of John F. Kennedy Internation- 
al Airport in New York to check in, 
get boarding passes and check lug- 
gage from anywhere inside or out- 
side the terminal. 

The Kew Gardens, N.Y.-based 
discount airline isn’t the first to 
offer a wireless check-in option 
for travelers, but it claims to be the 
first to have an army of roving ticket 
agents with portable equipment 





after the equipment has been 
distributed. But it’s an enor- 
mous effort to send the tags to 
all of the equipment users, ask 
them to affix the tag and ver- 
ify that the task has been ac- 
complished. Don’t agree to it. 
w Lessor inspections. Inspec- 
tions are an administrative 


| nightmare. Your lease was 
based more on your credit- 


worthiness than on the equip- 
ment'’s value. Inspecting a 
mainframe in a glass house is 


| one thing; inspecting hun- 


dreds of laptops is unrealistic. 
Don’t do it. 


| m Defining “acceptance.” Lap- 
| tops generally require some 


initial configuration and 
inspection work, which may 


| be outsourced or performed 


boarding passes and check luggage. 
The airline said it plans to roll out 
the service to all of its other city 
operations soon. 


Intel Helps Resellers 


Customize Sites 


| Intel Corp. last week announced the 


launch of its Server Design Center, 
a new online resource designed to 
help thousands of resellers config- 
ure customized servers for small 
and medium-size business cus- 
tomers. Resellers can go to the cen- 


ter and answer a series of questions | 


about their needs, such as how 
many users they want their server 


| in-house. Nevertheless, 
acceptance, or lease com- 
mencement, should begin 

| only after configuration, not 

| when the laptop is shipped. 

| mRisk of loss. Decide who 

| bears what risk and when. It’s 

| more complex than the main- 
frame deal, where the manu- 
facturer (or lessor) ships 

| and you receive. Here, there 
could be two risks. Risk No. 1 
occurs when the equipment is 

| shipped by the provider to 
the configurator. Risk No. 2 

| occurs when the configurator 

| ships the equipment to your 

| users. If the lessor uses a con- 
figurator, get the lessor to bear 
the first risk and the configu- 

| rator to bear the second. 

| m Taxes. Laptops are consid- 


|_to support and how much redun- _}. 


| dancy it needs. The Web site then 
provides a “recipe” for building that 

| server, including information such 
as what type of processors and 1/0 
to use and how much memory to 

| include. 


| The market for virtual private net- 

| works (VPN) is expected to grow 

| from $2.53 billion this year to $7.2 
billion by 2003, according to The 
Insight Research Corp., a telecom- 
munications market analysis firm in 
Parsippany, N.J. The growth of 
VPNs, which are private networks 

| that securely transmit data via the 
Internet and managed networks, 





“YPN Market to Grow 


| ered personal property and 
| are therefore taxable by your 


state and possibly your local 


| government. The lessor, as the 
| owner, pays the taxes, and you 
| reimburse him (it’s called a 

| net lease). Make sure you get 


copies of the tax bills and ver- 


| ify that they’re correct. The 


other tax issue is location; the 


| location of record should be 


where the laptops 
are used most. 

w Replacement in 
kind. Laptops get 


| lost and damaged. 


Having to return a 


| machine with the 


same serial num- 
ber (as many leas- 
es require) isn’t 
practical because 


49 


the lease cost includes the 
software, make sure you have 
the right to use it beyond the 
end of the lease. 
= Cleaning the hard drive. You 
may place additional software 
on the laptop’s hard drive and 
thus leave a lot of your firm’s 
information there. Get a war- 
ranty from the lessor that it 
will clean the hard drive when 
you return the 
equipment. You 
should perform 
this function 
yourself, but lo- 
gistics sometimes 
make it difficult. 
w Upgrades, trade- 
ins and other op- 
tions. Because of a 


laptop’s usage 


of the potential of 


loss. 


Moreover, when 


you send a laptop 
off to a central re- 


| pair facility, you 
| may not even get 


the same machine 


| back. Secure the 


| right to give the 
| lessor a laptop of 


JOE AUER is president of 
International Computer 
Negotiations Inc. 


(www.dobetterdeals.com), | 


a Winter Park, Fla., 
consultancy that edu- 


cates users on high-tech | 


procurement. ICN spon- 


sors CAUGUS: The Asso- | 
ciation of High-Tech Ac- | 


quisition Professionals. 
Contact him at 


characteristics 
and short life, it’s 
unrealistic that a 
lease will run to 
the end of its 
term. 

Therefore, ade- 
quate provisions 


must be negotiat- 


the same make and a 

comparable model with a sim- 
ilar configuration, without be- 
ing tied down to the same ser- 


| ial number. If you don’t have 
| this right, you may wind up 
| eating an expensive loss. 


| = Software. All laptops come 


| with the operating system 
; and desktop applications pre- 
| loaded by the manufacturer. If 





tion of greater dedicated broadband 
access and corporate reliance on 
network outsourcing, according to 


| Insight Research President Robert 
| Rosenberg. 


‘Cruise Workers Get 
| Wireless Access 


Employees on board the cruise ship 
Radiance of the Seas will get wire- 


| less access to e-mail, the Internet 


and corporate applications based on 


| IBM’s NetVista Internet Appliance, 


according to Miami-based Royal 
Caribbean Cruises Ltd., which owns 
the ship. Last week, the company 


| announced that 500 devices will be 


joea@dobetterdeals.com. 


ed to trade in 
or upgrade the 
equipment during 


the term. Evaluate your needs 
and negotiate for flexibility. 
Having to buy out the lease or 
pay early termination charges 
can be costly. 

We've all discovered that 
the laptop world is different. 
Now we must ensure that our 
lease deals reflect the realities 


of laptop life. D 


ina- _| installed in the Radiance and that _ 


two other ships will be similarly out- 
fitted in the coming year. 


IT Spending Slows 


One-third of CEOs have cut back on 
IT projects during the current eco- 
nomic downturn, according to a 
recent survey from The Business 
Council, a Washington-based asso- 
ciation of CEOs from major U.S. 
corporations. Only 10% of the 
companies surveyed said they are 
increasing their technology invest- 
ments. The CEOs overwhelmingly 
said they have been pleased with 
the results of previous IT projects, 
which have proved worthy of the 


| investment. 





The world’s most “mission-critical” applications 
rely on the performance of Cache. 


More hospitals around the world are running 
their “life-or-death” applications on Caché 
than on any other database system. 

With proven reliability like this, you should 
consider Caché for your critical applications. 


With its lightning speed and massive scalability, 
the performance of Caché makes it a perfect 
match for any enterprise, in any industry, with a 
requirement for fast transaction-processing 
applications capable of scaling to tens of 
thousands of users. 


Caché uniquely combines robust object and 
relational technologies, coupled to a multi- 
dimensional data engine. Plus, it includes a rapid 
Web application development environment. 


Cache is backed by 24x7 support from 
InterSystems — a leader in high performance 
databases for 23 years, with 4,000,000 users 
worldwide in healthcare, financial services and 
other industries. 

InterSystems 


Ee CACHE 


Make Applications Faster 


Download Caché for free or request it on CD at www.InterSystems.com 


* InterSystems’ database technology is used by Ameritrade, Hitachi, Johns Hopkins, Kennedy Space Center, 
Paine Webber, Pepsi Cola, Prudential Insurance Co., Shell, U.S. Army, World Bank and other successful enterprises. 


All ngh a registered trademark of 
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FLAT-PANEL | 
PROGRESS 


KEN MANN of Shell Services International 
says that although the company has hit “some 
bumps in the road,” most will be fixed when 


By replacing a velvet- 
covered rubber roller 
with an ion gun, IBM re- 
searchers have found a 
better and cheaper way 
to manufacture LCDs 
for computers. » 52 


SECURITY 
JOURNAL 


An intrusion-detection 
system that doesn’t keep 
up with network traffic 
won't do its job. Secu- 
rity manager Mathias 
Thurman reveals the 
techniques he uses to 
determine if sucha 
system will perform 

as advertised. » 54 


FUTURE WATCH 


AT&T’s research labora- 
tory in England is work- 
ing on an ultrasound 
tracking system that can 
locate a person with a 
wearable device and 
then create a virtual 
picture of his environ- 
ment. The system could 
help workers on the 
move, but it raises seri- 
ous privacy issues. » 56 


EMERGING 
COMPANIES 


KVS’s Enterprise Vault 
automates the archiving 
and retrieval of Micro- 
soft Exchange Server 
e-mail messages to keep 
user mailboxes trim and 
server performance 
high. However, users say 
they’re using the prod- 
uct mainly for its archiv- 
ing capabilities. » 60 


its card-management system is deployed. 


ARE SMART CARDS 


A SMART DECISION? 


SMART CARDS PROMISE to ease security administration, increase secu- 
rity through better authentication and enable single sign-on for 
network resources. They should also take some pressure off help 
desks, since 30% of calls received are regarding forgotten pass- 


words. But smart cards can add complexity to the IT 
infrastructure. Although the setup issues are getting 
easier, users who have been down this road say 


tough integration and management issues remain. 





Forecast: 36 Wireless 
Use Isn't imminent 


In its annual “Technology Forecast,” 
PricewaterhouseCoopers said near- 
term interest by businesses in third- 
generation (3G) wireless networks 
will be minimal for the next few 
years. Instead, the New York-based 
consultancy said 2.56 wireless net- 
works using General Packet Radio 
Service (GPRS) as an upgrade to 
existing Global System for Mobile 
Communications networks will be in 
vogue. GPRS offers an always-on, 
packet-based network and provides 
a realistic bridge to 3G networks. 


Norfolk Southern Rolls 
Out Bill-of-Lading App 


Norfolk Southern Corp. said it has 
launched an Internet-based system 
that lets customers electronically 
create bills of lading for new ship- 
ments. The bill-of-lading applica- 
tion, which is part of the Norfolk, 
Va.-based transport firm's Thor- 
oughbred Information System suite 
of Web-based e-commerce applica- 
tions, gives customers an estimated 
rate immediately after they request 
a shipment. The system creates an 
electronic waybill based on histori- 
cal data stored in Norfolk South- 
ern’s mainframe. It minimizes cus- 
tomer data entry and reduces the 
effort required to ensure timely and 
accurate shipping information. 


Borland Readies Java 
Development Tools 


Borland Software Corp. in Scotts 
Valley, Calif., last week announced 
that its Jbuilder 5.0 will be available 
next month. This latest version of 
the company’s Java 2 Enterprise 
Edition-compliant development 
environment includes support for 
XML, integration with Borland’s App 
Server and application servers from 
IBM and San Jose-based BEA Sys- 
tems Inc., and support for code 
management tools from Microsoft 
Corp. and Cupertino, Calif.-based 
Rational Software Corp., according 
to Borland. 


TECHNOLOGY 


Process Improves 
Flat-Panel Displays 


IBM innovation could revolutionize 
industry with cheaper, better LCDs 


BY RUSSELL KAY 
r ONE critical 
stage in manufac- 
turing LCDs for 
laptop or desktop 
computer use, the 

plates need to be rubbed back 
and forth with a velvet-covered 
rubber roller. Though scien- 
tists have studied this curious 
process since its development 
in 1906, they still haven't fig- 
ured out for sure just what it 
does or how it works. 

Now they can stop trying. 
IBM scientists have developed 
a new process that speeds up 
manufacturing while signifi- 
cantly reducing the reject rate. 
This new technique could rev- 
olutionize the $20 billion flat- 
panel display industry, poten 
tially saving makers and con- 
sumers millions of dollars. 


New vs. Old 


To work properly, the rod- 
shaped liquid crystal molecules 
in a display must be properly 
lined up, end to end. An electri- 
cal signal is then applied, and 
the molecules twist and rotate, 


turning pixels on and off. But if 


the liquid crystal molecules 
aren't aligned properly, the re- 
sulting display won't work. 

In the existing process, a 
glass plate is coated with a 
polymer substrate, and then 
the entire surface is rubbed by 
a velvet cloth, usually covering 
a rubber roller. The plates are 
then and baked to 
eliminate contaminants. Next, 
the liquid crystal molecules 
are placed onto the substrate, 
where they line up precisely 
along the rubbing direction. 


washed 


Until now, the only way to | 


reliably align the molecules 
was that 95-year-old process. 


The system works fairly well, | 
| crisper than the top-of-the-line HDTV sets. 


but it’s inefficient for several 


reasons. First, it introduces de- 
bris that could contaminate the 
process, so rubbing and subse- 
quent cleanup must be done 
outside the clean-room envi- 
ronment where the rest of the 
manufacturing occurs. 

Second, the velvet can create 
streaks and scratches that will 
be noticeable in high-resolution 
displays. This is particularly 
troublesome in that a rubbing- 
caused defect likely won't be 
caught until later in the proc- 
ess, after hundreds of defective 
panels have been made that 
must be discarded. 

Third, the rubbing can pro- 
duce electrostatic discharges 
that can damage delicate elec- 
tronic circuitry just below the 
rubbed film. 

Also, the velvet cloths wear 
quickly and must be replaced 
every shift, stopping the manu- 
facturing process. Finally, since 
the the 
process isn’t well understood, 


nature of current 
it has been difficult to improve 
on it or to solve problems 
“Replacing the rubbing proc 
ess with a simple noncontact 
method has been one of the 
most significant roadblocks in 


When we 
successfully 
integrate this 
process into 
manufacturing, 
it will enable 
new generations 
of displays 
that are higher 
quality and 
lower cost. 


PRAVEEN CHAUDHARI, LEAD 
RESEARCHER ON IBM PROJECT 


manufacturing,” said 
Praveen Chaudhari, lead re- 
searcher on the IBM project 
and winner of the 1995 Nation- 
al Medal of Technology. “When 
we successfully integrate this 
process into manufacturing, it 
will enable new generations of 
displays that are higher quality 


display 


and lower cost.” 
In the May 3 issue of the sci- 
entific journal Nature, Chaud- 


IBM WILL USE ITS NEW display manufacturing technique to build the 
world’s highest-resolution display. Code-named Bertha, IBM's display 
has more than 9 million pixels on its 22-in. screen and is 4.5 times 
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hari and his colleagues de- 
method that 
uses a low-energy beam of ions 


scribed a new 
to align the liquid crystal mole- 


cules without the need for 
physical contact. 

The first part of IBM’s new 
method is to abandon the poly- 
favor of a 


diamondlike 


mer in substance 
called 


which is widely used as the 


carbon, 


final hard layer on magnetic 
disk platters. An ion gun is 
aimed at the carbon layer at an 
angle, and its beam selectively 
pushes away groups of carbon 
atoms on the that 
aren't oriented parallel to the 
beam. Left behind are atomic- 
scale rows. When the liquid 
crystal material is added, one 
end of each molecule attaches 
to an exposed carbon atom, 
and they all line up in the di- 
rection of the rows. 


surface 


IBM’s new process has sig- 
nificant advantages over the 
old method. 

First, it takes less time and 
streaking, in- 
and 


less 
yield 
waste. The display surfaces are 
automatically — and atomical- 
ly — smoother than is possible 
by rubbing. The technique is 
built right into the manufactur- 


produces 


creases reduces 


ing line inside the clean room, 
eliminating a number of steps 
and interruptions. 

Not using the polymer film 
also avoids the need for organ- 
ic solvents and their disposal. 
Finally, besides the manufac- 
turing efficiencies, preliminary 
tests of displays made through 
the new process point to some- 
what better image quality, in- 
cluding a reduction in “ghost- 
ing,” or image persistence. 

IBM is considering convert- 
ing a pilot line used to build 
displays with this technique 
into a full-blown production 
line by year’s end. An IBM 
spokesman said the company 
is open to licensing the process 
to other display manufactur- 
ers. He added that last year, 
IBM earned more than $1.7 bil- 
lion in revenue from intellec- 
tual property licensing. 

At the annual meeting of the 
Society of Information Display, 
which will be held June 3-8 in 
San Jose, IBM will demonstrate 


| a prototype display made with 


the new ion-beam process. D 
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Intrusion-Detection 
Systems by the Numbers 


Well-designed IDS performance tests help security 
manager separate product hype from reality 


BY MATHIAS THURMAN 
HEN YOU BUY a sports 
car, it’s a no-brainer | 
that you'll take it for | 
a test drive to make | 
sure you like the way | 

it handles, the comfort level and its | 

performance. And if you're like me, | 
when purchasing a security product for | 
your company, you show 
the same due diligence to 
make sure you're getting 
the performance you need. 

My company recently 
tested and acquired a net- 
work-based intrusion-de- 
tection system (IDS). Over 
the past few months, I’ve 
received many e-mails from 
readers asking me to ex- 
plain the performance-test- 
ing methodology I used, so 

I've decided to share how I 

tested our network-based 

IDS. (A network-based IDS 

server watches traffic des- 

tined for all host systems 
on a subnet, while a host- 
based IDS typically runs on 
each host system to be protected.) 


ceoree 


Performance is only one possible cri- 
terion for choosing an IDS. Depending 
on the level of expertise of you and 
your staff and the amount of resources 
available, your requirements and test- 
ing criteria may be different from mine. 
You might focus on ease of use and 
strong reporting, ease of creating new 
attack signatures or price. 

Performance is critical to me be- 
cause of the high amount of band- 
width our site must sustain. I can’t 
afford to miss any potential events be- 
cause of the performance limitations 
of the IDS infrastructure. 

My definition of IDS performance is 
the ability for an IDS infrastructure to 
consistently detect x number of at- 
tacks within a given bandwidth utiliza- 
tion. The key word here is consistent. 


SECURITY 
MANAGER'S 
JOURNAL 


Words like usually, sometimes, typical- 
ly and on average don’t work for me. I 
have to know that at 3 a.m., while I’m 
tucked away in bed, my IDS is consis 
tently analyzing every packet for signs 
of an attack. 

Most IDSs look at each IP packet and 
determine whether it’s part of an attack. 
IDS software can take many approach- 
es to accomplish this, just 
as home burglar alarms 
have many ways to detect 
when someone has broken 
into your home. But I won't 
go into IDS software tech- 
nology here. 

The issue with perfor- 
mance is that with high 
levels of bandwidth, I want 
my IDS to continually and 
consistently look at every 
IP packet and respond ac- 
cordingly. In my environ- 
ment, I have no tolerance 
for an IDS missing, or 
dropping, packets _ that 
could be part of an attack. 

To up my 
started with a closed (not 
connected to the Internet), controlled 


set tests, I 


environment in which to configure my 


IDS. After the configuration was com- 


| plete, I launched a predictable attack 
| against a specific resource on the net- 


work while injecting increasing 


| amounts of network traffic. 


If you do this, at some point, the IDS 
will no longer be able to effectively and 
consistently detect the attacks. And 
that limit, measured in megabits per 
second, is what interests me. There are 
many ways to set up this test, but the 
basic elements consist of an attack gen- 


| erator, a victim system, a packet/traffic 
| generator and the IDS to be tested. 


I don’t have room to go into the con- 
figuration details, but here’s how I set 
up the testing. To start, I needed to have 


a consistent stimulus for the test to be 


effective and defendable, so I could use 


| the results for purposes of resource al- | 


| location, justification and other bud- 
| 

| getary requests. 

when setting up a test. First, your net- 
| work traffic generator should be con- 


comparable to your network’s general 
level of activity. I used a combination 
of HTTP, Telnet and Internet Control 
| Message Protocol packets. The best 
way to do this is to take a sample of 
your network traffic and configure 
your packet generator accordingly. 

The next issue is generating the at- 
tacks. I picked eight different attacks 
and scripted them so that when I typed 
“go 10.34.45.128,” my system would 


dress submitted at the command line. 

I built a Linux system just for this 
purpose. When choosing the attacks, 
| make sure you pick several types, as 
I did. (Choosing eight port scans or 
denial-of-service attacks doesn’t make 
| for a legitimate testing environment.) I 
| then configured a Solaris Web server 
| with an IP address of 10.34.45.128 as 
| my victim. 

For the IDS setup, I chose a policy 





that’s similar to the configuration I use | 


in my production environment. If I had 
| configured the IDS to watch only for 
| the eight attacks I scripted, it wouldn't 
| have been a fair test. I started with no 
| network traffic and launched the at- 
tacks against the victim system. That 


was the litmus test, and any good IDS | 


should be able to detect such attacks. I 
did this three times as a baseline. 


Then I increased the network traffic | 


in 3M to 5M bit/sec. increments and re- 
| peated the test, launching each attack 
three times at each traffic level. I did 
this until the IDS was no longer consis- 
| tently responding to the attacks. It was 
that simple. 
If your testing is successful, you 
should be able to determine at what 
| level your IDS will start dropping pack- 
| ets. In my test case, I was looking for 
performance in excess of 15M bit/sec., 
| as that seems to be my company’s aver- 
| age aggregate bandwidth. 
We are using RealSecure from At- 


There are a few things to consider | 


| figured to generate a mix of traffic | 


launch the attacks against the IP ad- 
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THISWEEK'SGLOSSARY 


www.shomiti.com: The Packet 
Blaster Plug-in from San Jose-based 
Shomiti Systems Inc. is an easy-to-use, 
configurable packet generator. | used it 
for my testing. 


| 
| 
www.netcomsystems.com: 
SmartBits from Calabasas, Calif.- 
based Spirent Communications is 
another good tool to consider if you 

| need a packet generator. 
www.sans.org/newlook/ 
resources/IDFAQ/ID_FAQ.htm: 

If you're in the market for an IDS, | rec- 
ommend a visit to the list of frequently 
asked questions about intrusion detec- 
tion at Bethesda, Md.-based SANS 
Institute's Web site. 


| 


_ SECURITY BOOKSHELF 


Hacking Linux Exposed: Linux 
Security Secrets & Solutions, by 
Brian Hatch, James Lee and George 
Kurtz (McGraw-Hill, 2001). | read secu- 
rity books as reference materials, and 
this book is an awesome reference. 
Although the authors’ primary focus is 
Linux, many of the terms, techniques, 
tools and discussions apply across all 
aspects of information security. 


lanta-based Internet Security Systems 
Inc. We based our selection on perfor- 
mance, previous experience and the 
need to get a system up and running 
very quickly. Another surprisingly well- 
performing IDS is Dragon Sensor by 
Rochester, N.H.-based Enterasys Net- 
works Inc. 

With the information you 
from your IDS testing, you can also 
| decide how you want to design your 
IDS infrastructure. To overcome IDS 
bandwidth limitations, there are ways 
to implement load balancing or segre- 
gation of your network to make the best 
use of the discovered IDS limitations. 

At the end of the day, you want to 
ensure that when something goes bump 
in the night, your IDS will respond 
| accordingly. D 


MOREONLINE For more on the Security 


Manager's Journal, including past journals, visit 
www.computerworld.com/securitymanager. 
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§ This week's journal is written by a real security manager, “Mathias Thurman,” whose name and employer have been disguised for obvious reasons. It's posted weekly at www.computerworld.com to help you and our security 
manager better solve security problems. Contact him at mthurman@hushmail.com or head to the Security Manager's Journal interactive forum 
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WEBSPHERE ror E-BUSINESS 


| CHOSEN 2:1 OVER OTHER E-BUSINESS SOFTWARE PLATFORMS | 


IT’S A DIFFERENT KIND or WORLD. 
© business software — ibm.com/websphere/ebusiness YOU NEED A DIFFERENT KIND or SOFTWARE. 





TECHNOLOGY 


TECHNOLOGY that 
gives doctors easy 
access to patient 
F i information and 
can quickly locate 
a specific specialist in an emer- 
gency would clearly be benefi- 
cial. On the other hand, such 
a technology could also let 
colleagues know how long a 
co-worker lingers at a water 
cooler or vending machine. A 
new ultrasound tracking system 
will make both scenarios pos- 
sible, highlighting how deeply 
questions of privacy are embed- 
ded in emerging technology. 
AT&T Corp.'s research labo- 
ratory in Cambridge, England, 
is working on a new ultra- 
sound system that will be able 
to locate a person wearing 
a small tracking device within 
inches and then create a virtual 
picture of his environment. 
The device, called Active 
Bat, works by sending sound 
waves that are picked up by 


three or more nodes in a grid of 


receivers placed throughout a 
building, usually above the 
ceiling tiles. The receivers 
measure the speed of the 
sound waves from the Active 
Bat. The system then calcu- 
lates the distance from the 
wearer to the receiver and can 
depict the wearer in a 3-D pic- 
ture of his environment. 

While there are clearly some 
privacy issues to be addressed, 
the new technology is primari- 
ly being developed as a way 
to create a fluid workspace in 


which the system knows where | 
a user is and logs him into the | 


nearest computer terminal with 
his personal profile. 


‘Tracking Your 
Every 


A new ultrasound device pin- 
points the wearer’s location with- 
in inches. By Jennifer DiSabatino 


OVE 


Active Badge, the predeces- 
sor to Active Bat, worked 
on much the same principle. 
However, it used an infrared 
signal and could pinpoint the 
device only to within a few feet. 

“With 50 PCs in the same 
room, [with Active Badge] it 
was actually impossible for the 
computer to know which one 
you’re standing in front of. 
That is not good enough,” said 
Andy Ward, one of the Active 
Bat researchers. 

Ward and his colleagues at 
the Cambridge labs, formerly 
known as the Olivetti Research 
Labs, are looking for a way to 
allow doctors, for example, to 
be able to immediately access 
patient information from the 
network as they move through 
a hospital. 

Active Bat’s technology and 
its support for this form 
of ubiquitous computing has 
potentially widespread appli- 
cations in various kinds of 
workplaces, according to re- 
searchers at AT&T. Companies 
could use the device in lieu of 
password log-ins. 

Each Active Bat transmitter 
uses 48-bit encryption for the 
user’s identification and would 
be more secure than a pass- 
word. Of course, the transmit- 
ters could be easily lost or | 
stolen, Ward noted, and might 
be used in conjunction with a 
fingerprint or other biometric 
scanner installed in the wear- | 
able device. | 

Cost is a factor in the devel- 
opment of ultrasound tracking 
technology, according to the | 
researchers. Providing em- 
ployees with wireless, hand- 
held devices that can access 
network data — another ap- | 
proach to getting information 
to mobile workers — requires | 
a substantial investment in 
both handheld computers and 
wireless infrastructure. 


The Active Bat system would 
require a smaller, but still sig- 
nificant, infrastructure invest- 
ment. AT&T's research lab es- 
timates that the transmitters 
will cost about $1. Currently, 
Active Bat receivers must be 
placed every 1.2 meters or so to 
work, which is roughly every 
third or fourth ceiling tile. 
Ward said he’s working on 
reducing the number of re- 
ceivers needed, which would 
lower costs 

There’s also the possibility 
that Active Bat could be used 
as an assistive technology, to 
provide a “picture” of their en- 
vironments to people who 
can’t see. Scientists are in the 
exploratory stages of a tech- 
nology that would turn ultra- 
created, for 
example, by Active Bat — into 
a sort of braille image for the 
user to “see” with his hand. 

“We've talked to people who 
are interested in [assistive 
technology],” Ward said. “But 
it’s probably going to be sever- 


sound images 


al years before this is common- 
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place. It’s still kind of on the 
whacky end of what’s possible.” 

Ward said the ultrasound 
emissions are within guide- 
lines set by international 
health bodies, and those stan- 
dards have been tested for 20 
years with no evidence of ill ef- 
fects on humans. 

Of course, there are poten- 
tial drawbacks to Active Bat, 
such as the effects on personal 
privacy. 

Ward said he would prefer 
that Active Bat not be used 
to monitor employees, adding 
that the technology was de- 
signed to give users quick 
access to computer networks. 

“When we developed the 
technology, we realized that 
there are implications for pri- 
vacy,” he said. 

Ward added that AT&T re- 
searchers were convinced that 
Active Bat’s potential benefits 
outweighed those concerns. 

“We shouldn't be doing this 


| [if] it would only be used for 


the boss watching where you 
are,” he said. D 


Ultrasound Location System 


Ashort pulse of ultrasound is emitted from a transmitter (an Active Bat) worn by the 
user. The system measures the time it takes for the pulse to reach three of the 


receivers and then calculates the 
transmitter's location via 
trilateration 


RECEIVERS 
will usually be 
installed above 
tiles in hanging 
ceilings. 


Ss- ACTIVE BAT 
TRANSMITTER 


(3in. by 1.5 in.) is worn 
or carried by the user 
and canbe located 
within inches. 
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THEY CAME HERE FROM A PARALLEL UNIVERSE. THEY NEEDED SOFTWARE...TO GO! 


LOTUS FoR W RELESS 


Log Entry, Day 25: Eureka! We foun With it, mobile knowledge w 


$ corporate applications via P 





work in real time — quite advanced. A most informative whitepe be fou at lotus.com/Visitwireles 


© IT’S A DIFFERENT KIND or WORLD. 
@?/ business software 


YOU NEED A DIFFERENT KIND or SOFTWARE. 


TECHNOLOGY 


WUELED BY A NEED TO REDUCI 
the total cost of ownership for 
its desktops, Royal Dutch 
Shell Group is rebuilding its 
worldwide infrastructure 
around Windows 2000. By 
exploiting Windows 2000 

ee Server's native public-key 
infrastructure (PKI) and smart-card 
support, the Hague-based oil and gas 


company expects to significantly reduce 


help desk support costs, increase secu 
rity and, ultimately, provide users with 
a single sign-on to all network assets. 
“We've been looking for ways to uni 
fy our [security processes] worldwide. 
When Microsoft built PKI and smart 
card support into Windows 2000, we 
decided to take advantage of that,” says 
Ken Mann, project manager for the se- 
curity initiative that’s under way at Shell 
Services International Inc., the compa- 


Smart cards promise to ease 
administrative headaches 


and improve network secu- 


rity — but the 


ralso add 


complexity to the IT infra- 


structure. By 


Kim Gilhooly 


« 


ny’s Houston-based IT arm. Currently 
in production with 7,000 users, the sys 
tem is slated to serve 85,000 users at 
1,200 sites in 134 countries by year’s end. 
Shell is just one of many large firms 
looking to reduce support costs and 
bolster security by arming employees 
with smart cards for network access. 
When used as part of an infrastructure 
that incorporates public-key cryptog 
raphy, smart cards can provide tamper 


resistant storage for network passwords, 


private keys and other personal infor- 
mation. Companies can use PKI and 
smart cards to authenticate users re 
questing network access and to achieve 
nonrepudiation (the ability to prove 
that a person took a particular action). 

Because smart cards store the pass- 
words needed to access various corpo 
rate applications, the help desk doesn’t 
have to field calls regarding forgotten 
passwords. That’s no small advantage: 
According to industry estimates, up to 
30% of support calls are about lost 
passwords, and manual password re- 
sets cost between $15 and $30 per call. 

Further, by giving users a smart card 
and a personal identification number 
(PIN), organizations can achieve two- 
factor authentication, which provides 
security by granting network access 
only to people who can prove they’re 
authorized by showing something they 
have (the smart card) and something 
they know (their PIN). 

Companies are also increasing secu- 
rity by tying network access to physi- 


COMPUTERWORLD May 21, 2001 


cal access, all on one smart card. 

This could ease the burden on users 
as well, because smart cards — with 
their stored private keys, passwords 
and digital credentials — can help cor- 
porations create single sign-on (SSO) 


access for all network resources. 


New Savings, Costs 

However, building an access model 
around smart cards and PKI can be 
challenging. While a smart-card sys- 
tem reduces support costs, it creates 
others: Companies must purchase the 
cards, as well as readers or card-ready 
computers, at costs varying from less 
than $100 to several hundred dollars 
per user. Businesses need a card man- 
agement system to issue and revoke 
cards. If enterprises are going to issue 
digital certificates, they must establish 
a system to do so or use a third-party 
certificate authority. And they face 
complex integration issues as they 
migrate applications to PKI to allow 
access to network assets via SSO. 

Detractors say putting passwords on 
one card and creating an SSO model 
risks giving away the keys to the king- 
dom, should the card be compromised. 
But the potential benefits and market 
drivers such as new privacy legislation 
have many large firms considering PKI 
and SSO initiatives. 

The difficulties associated with 
bringing together PKI and smart cards 
for network access means many firms 
will turn to Microsoft Corp., say ana- 


OMART CARDS 
OMART MOVE? 
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lysts. SSO integration problems can be 
minimized by the homogeneity that 
Microsoft brings to the enterprise. 

“Single sign-on is extremely difficult 
to do, even in a pure Microsoft envi- 
ronment. Without that, it’s virtually 
impossible,” says Cate Quirk, an ana- 
lyst at AMR Research Inc. in Boston. 

Windows 2000 provides for inte- 
grated SSO capability by means of the 
Kerberos authentication protocol, ac- 
cording to Mike Dusche, a Microsoft 
product manager. 

That appeals to Royal Dutch Shell. 
“Certainly, Microsoft isn’t best-of- 
breed, and they’ve had problems with 
their first release of PKI [support],’ 
says Mann. “But they are bringing it all 
together in one place, so we can live 
with the shortcomings and the knowl- 
edge that it will improve with future 
releases. If we went with trusted third 
parties for all our users and PKI, the 
costs would be much higher.” He adds 
that large organizations deploying a sys- 
tem like Shell’s, which includes read- 
ers, multifunction smart cards and card 
management software, can expect to 
get costs down to $30 to $40 per user. 

Mann says that although Shell has 
hit “some bumps in the road” at this 
early stage, most will be alleviated when 
the company deploys its card manage- 
ment system. He says users generally 


cod 
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Smart Cards at a Glance 
PROS | 


® Two-factor authentication 
enhances security. 

® Help desk calls for lost passwords 
are reduced. 


® Setup is made less complex by 
smart card, Kerberos SSO and PKI 
support in Windows 2000. 


® Integration issues with PKI and 
SSO are still complex. 


management systems can cost 
$100 or more per workstation. 


® Lost cards can create security 
risks. 


like having one card for network log- 
on, building access and cafeteria billing. 
Several factors drove London-based 
British Telecommunications PLC (BT) 
to deploy a PKI-supported smart-card 
system, including the fact that it has 


KEN MANN, project manager 
at Shell Services Interna- 
Phorm R nwt 
PEt emg 


60,000 employees who need remote 
access. Though BT’s dial-up approach 
is generally sufficient, it experienced 
scalability difficulties whenever the 
ranks of remote workers swelled. 

“We wanted to make access more 
ubiquitous,” says Steve Brown, head of 
business development and utility ap- 
plications at BT’s Ignite communica- 
tions services unit. “We decided to use 
digital certificates stored on smart 
cards, with Microsoft as the platform, 
and employ IPSec for encryption.” The 
firm previously used Bedford, Mass.- 
based RSA Security Inc.’s SecurID token 
for remote access. Brown says that al- 
though that approach served the com- 
pany well, users had to remember pass- 
words, and the system didn’t provide 
the encryption levels that BT desired. 

“Our system required changing pass- 
words every 30 days. People inevitably 
forget passwords, and turning to the 
help desk is an expensive hobby. We’re 
trying to get away from those opera- 
tional expenses,” says Brown. 

[The company is piloting smart-card- 
based access for about 200 workers 
and plans to eventually roil out the sys- 
tem to 60,000 of its 130,000 employees. 
Brown says that SSO is a goal at BT, 
but progress will come in stages. “You 
have to bite off sensible chunks. We’re 
saying, ‘Let’s get the infrastructure and 
the access mechanisms there and de- 
termine the priority sign-ons before 
we move forward.’ ” 

Indeed, SSO doesn’t come easily, and 
some doubt it will come at all. 

“SSO became a big deal four or five 
years ago, when users had a lot of op- 
erating system and application ac- 
counts, but it never really worked that 
well,” says John Pescatore, an analyst at 
Stamford, Conn.-based Gartner Inc. 
“Now the issue is access to Web-based 
accounts. Rather than worrying about 
users doing SSO, companies need to 
worry about how they can administer 
user privileges centrally.” 

Sue Pontius, CEO of San Jose-based 
smart-card system vendor Spyrus Inc., 
says SSO is more of a goal than a real- 
ity. “Single sign-on doesn’t really exist; 
reduced sign-on is the more appropri- 
ate term,” she says. “Your goal is to 
raise the bar by making it easier for au- 
thorized users to access accounts and 
more difficult for everyone else.” D 
Gilhooly is a freelance writer in 
Falmouth, Maine. 


MOREONLINE 


For more information about smart cards, visit our 
Web site 
www.computerworld.com/scards 
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Enterprise Vault Eases 
E-Mail Admin Woes 


KVS’s tool helps keep Exchange message 
stores lean and archived mail accessible 


BY ROBERT L. SCHEIER 
OMETIMES IT’S the 
mundane problems 
that waste the most 
time 
Consider e-mail. 
When Microsoft Exchange 
message stores grow too large, 
they degrade the performance 
of Exchange servers. To pre- 
vent the uncontrolled growth 
of users’ mailbox content, 
some administrators set quo- 
that shut down a 
e-mail if his mailbox grows too 
large. But 
when faced with the 
their e-mail, and 


tors must either force users to 


tas user’s 


users get grumpy 


administra- 


delete old messages or manu 
ally reset their e-mail quotas. 
And if a 


deletes a vital message, search- 


user accidentally 


ing for it in old backup files can 
take hours 

New York-based KVS PL( 
claims to have a better way, 
with Enterprise Vault for Mi 
crosoft Exchange. The compa 
ny’s information archiving and 


retrieval tool automatically 
moves e-mail messages further 
into a company’s storage envi 
ronment as those messages age 
and indexes them so they can 
be retrieved for regulatory, le- 
gal or other purposes. 

“They address two key bus- 
iness needs for Exchange 
users,” says analyst Mark Levitt 
at IDC, a Framingham, Mass.- 
market research firm. 
the need to offload 
storage from both local and pri- 
mary servers to backup servers 
and archival servers.” Those 
backup and archival servers are 
less expensive than primary 
servers, says Levitt, and mov- 
ing older e-mail to them helps 
keep primary e-mail servers 
running at peak performance. 

The second need is disaster 


based 


“One is 


recovery, since having an easily | 


loss of 


searchable archive of e-mail 
helps companies recover from 
the failure of a primary Ex- 
change server. 

“What Exchange is good at 
is the dynamic, minute-to- 


minute information,” says Nigel 


Dutt, co-founder and 
technology officer at KVS. 
“What we're good at is the big- 
bulk, long-term, high-volume 
storage.” 

Enterprise Vault first 
developed by Digital Equip- 
ment Corp. but was acquired 
by KVS after Compaq Comput- 
er Corp.'s acquisition of Digi- 
tal. It runs on a dedicated Win- 
dows NT or 2000 server and 


was 


“WHAT WE'RE GOOD AT is the big-bulk, long-term, high-volume 
storage,” says KVS co-founder and CTO Nigel Dutt. 


KVS PLC 


230 Park Ave., Suite 1000 
New York, N.Y. 10169 


Web: www.kvsinc.com 


Niche: Microsoft Exchange 
archival storage and knowledge 
management 


Why it’s worth watching: It 
boasts strong capabilities for eas- 
ing administration of Microsoft Ex- 
change in large companies or those 
with regulatory or legal require- 
ments for tracking e-mail. 


Company officers: 

* Geoffrey Chamberlain, chairman 
Mike Hedger, CEO 

© Nigel Dutt, chief technology offi- 
cer and co-founder 


Milestones: 

© December 1999: KVS founded; 
acquires rights to sell Enterprise 
Vault 





© July 2000: Firm raises 
$8 million in second 
round of funding 


Burn money: $9 mil- 
lion from Durlacher Corp 
and Cazenove Private Equity 


Products/pricing: Enterprise 
Vault for Microsoft Exchange costs 
$3,000 per server, plus $15 to $50 
per user (based on the size of imple- 
mentation) and an 18% annual soft- 
ware maintenance fee. 


Customers: Donaldson, Lufkin 
& Jenrette; Jackson National Life 
Insurance; Alberta Department of 
Energy and others 


Red flags for IT: 

*KVS bills Enterprise Vault as a 
knowledge management tool, but 
most customers use it only for 
archiving Exchange e-mail traffic. 
The product can be complicated 
to set up and configure. 


chief 


supports multiple Exchange 
servers, automatically moving 
aging e-mail from users’ mail- 
boxes to the Enterprise Vault 
store. From there, e-mail can 
either be deleted or moved to 
secondary or tertiary storage. 
Microsoft Exchange allows 
users to store old messages in 
personal information store 
(PST) files. But Dutt 


that Enterprise Vault is superi- 


claims 


or to using PST files because 
such files can’t exceed 2GB and 


can be accessed only by users. 


| Off-line But Accessible 


Since March, the Alberta 
Department of Energy in Can- 
ada has been using Enterprise 
Vault to archive 80GB of Ex- 
change 5.5 data, says network 
analyst Judy Glazier. Beyond 


the advantage of not having to | 


| back up PST files, she says, her 


MPUTER, | 


1,000 users can search Enter- 


prise Vault themselves for | 


missing file at- 
tachments. 


Glazier 


messages or 


says she’s been 


pleased with the performance | 


and ease of use but 
mends having KVS do the in- 
stallation and 
Enterprise Vault “isn’t a very 
easy product to install and set 


recom- 


configuration. 


up,” she says. 

Jackson National Life Insur- 
ance Co. in Lansing, Mich., 
considered using Enter- 
prise Vault but was ini- 
tially reluctant to buy 


° 


from a small start-up, | 


says director of net- 

work services Brian 
Gunnell. This 
however, the insurer pur- 
chased Enterprise Vault for 


some users, and Gunnell says | 


the product has been “very 
easy to manage, very easy to 


| administer.” He says the com- 





pany plans to deploy it enter- 
prisewide this summer. 
KVS pitches Enterprise Vault 


| as a knowledge management 
| tool that could help mine Ex- 
| change e-mail for vital infor- 


mation. Users and analysts say 
that’s a future concern, and 
they’re more impressed with 
Enterprise Vault for its ability 
to solve common e-mail man- 
agement problems today. D 


Scheier is a freelance writer in 
Boylston, Mass. 


spring, | 


| Ixos Software AG 


| Munich, Germany 
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the buzz 


STATE OF 
THE MARKET 


Managing the 
Exchange Store 


With 50 million to 60 million Microsoft 
Exchange users worldwide, there's built- 
in demand for any tool that can make an 
e-mail administrator's life easier. Within 
that user base, between 30% and 60% 
have enough of a need and the ability to 
pay for an archiving tool such as KVS's 
Enterprise Vault, says Tom Grace, re- 


| search director at research firm Open 
| Systems Advisor Inc. in Boston 


The sweet spot for KVS, says Grace, 
will be companies that are large enough 


| toface e-mail storage challenges or 


companies of any size that have a legal 
or regulatory requirement to store, track 


| and retrieve e-mail 


KVS claims that Enterprise Vault 
could be used to sort through e-mail 
messages, attachments and other files 


| to create knowledge management ap- 


plications. But Grace says KVS “is really 
part of the puzzle, not the complete solu- 
tion” for such efforts. Current competi- 


| torsinclude the following 


Veritas Software Corp. 


Mountain View, Calif. 
www.veritas.com 


Veritas’ NetBackup for Microsoft Ex- 
change Server supports automatic, un- 
attended backup for local or remote Ex- 
change clients, as well as the ability to 
restore individual mailboxes, folders and 
messages. It offers backup and restore 


| capabilities but not message searches 


www.ixos.com 


| lxos-ExchangeArchive allows the auto- 
| matic archiving of complete e-mail mes- 
| sages or just attachments in asecure 


repository, as well as transparent user 
access to archived items from users’ 
Exchange e-mail folders. Archival mes- 
sages aren't searchable, however. 


OTG Software Inc. 

Bethesda, Md. 

www.otg. com 

OTG's EmailXtender automatically 
stores and archives e-mail and attach- 
ments into its Enterprise Message Cen- 
ter, with full-text indexing and searching 
of messages and attachments. 


~- Robert L. Scheier 
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At PC EXPO, the expo portion of 
TECHXNY, you’ll find mobile & wireless, 
business solutions, leading-edge Internet 
security advances, ASPs, the latest in 
Linux, storage technologies and more. 
The best products, services and real- 
world solutions —all delivered by the 
best vendors and solutions providers in 
the IT industry. 


Conference Dates: June 25-28, 2001 


Exposition Dates: June 26-28, 2001 
Location: Javits Center, New York City 


Flagship Sponsors 


@- ocuraes  EheNew ork Cimes 


Platinum Sponsors 


COMPAQ 


REGISTER TODAY AT: www.techxny.com 


Gold Sponsors 


handspring MWT AN 


JOLOGIES Adobe 


‘ 
anatysts @w BusinessWeek 


e, the leading 


companies and conferences 


in technology take center 


stage in New York City. 
v 


VY 
a 


Limited Engagement. One Week Only. 


TECHXNY’s full week of conferences, education summits and 
special events has something for just about everyone. The IT 
Innovation Conference focusing on innovative security solutions... 
an IT infrastructure built for speed...top-notch information-sharing 
architecture...Best of Brainshare...SAN and Clustering Summits... 
and the wide, wide, wireless world. 


Marketing Integration eXchange, a conference and exposition, 
focusing on the use of technology to maximize marketing 
effectiveness and optimize customer relationships. 


There's the Finance Exchange. eTV World. Working Woman 
Women Elevating Science Technology Awards. Compelling 
keynote speakers. Solutions Integrator Think Tech. PC Career 
Expo. And still more targeted programs and events are on their 
way to bring you the cutting-edge of IT today. 


To learn all about what there is to see, do, hear, and learn at 


TECHXNY this June, log on to www.techxny.com. And while you’re 
there, make sure to register right away! 


Sponsor of IT Innovation Conference 


Novell VERITAS Forbes 


W.E.S.T. Awards 


Worn 


Keynote Sponsor 


OrmniSky 


ET ge ea 
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High 


Harsh 


Reality 


Dizzy with images of dollar signs in their heads, IT job 
candidates are finding the financial services industry to be 
much less generous than they expected and employers a lot 
fussier about what they'll shell out cash for. By Erik Sherman 


uX 


JOHN KIVEL says many applicants for IT positions at his firm have unre- 
alistic expectations of the kinds of salaries the current market will bear. 


The Market 
At a Glance 


Financial services companies are 


involved with the movement and 


investment of money and include 


banks, mortgage and loan com 
panies, and brokerage houses. 


Top IT job: Programming 


Top IT skills: C++, Java, customer re- 
lationship management, stock trading 
applications and enterprise application 
integration 


Salaries: Amounts are down from the 
highs of last year. For example, a pro- 
grammer with two to five years’ experi- 
ence could expect to earn $60,000 


tired of 


unreal 


OHN KIVEL is 

candidates with 

istic expectations seek 

ing IT jobs in financial 
services. 

“People still have that 

taste in their mouth from 

last year, when companies were 

salivating from the sight of your 

[networking] 


one to two years’ experience,” 


certification or 


recruiting manager 
at Boston-based WorldSt 
Corp., which makes 
that match 


says Kivel 
reet 
systems 
securities buyers 
and sellers. 

“A lot of these 


to corporations and were paid 


people went 


$65,000 to $70,000 for one year 


of experience,” Kivel 
“Now they’re jobless. They’ve 
at that level and 


says 


set their bar 
think they 
bump when they come to us, 
when reality is, they’re proba 
bly a $55,000- to $60,000-a- 
year candidate.” 


deserve another 


The softening of the econo- 
my has brought big changes to 
the financial services industry. 
The freewheeling days of the 
past couple of years are over. 
Companies that are still hiring 


are strategically filling key 


to $80,000 per year, depending on 

the job's geographic location. Project 
managers might earn $100,000 to 
$120,000 


Culture: Forget about seeing compa- 
nies cater to IT job candidates’ whims. 
As the employment market has tight- 
ened, companies have seen more 
candidates for open posts and have 


technical positions. 
Companies are also choosier 
about who they bring on board. 
Chen there are those firms that 
are cutting back on projects 
‘Financial services were on 
the forefront of adopting new 
technology and e-commerce,” 
says John Barrett, an executive 


director at Russell Reynolds 


Associates Inc., an executive 
placement firm in New York. 
“What we 
retrenchment. 


either shutting down [online 


are seeing is a major 
Companies are 
divisions] entirely or saving 
aspects, like the tech- 
nology, and embedding that 
back into the existing organi- 


certain 


zation.” 

Not all recruiters agree with 
Barrett. “A lot of recruiters [in 
financial services] 
what hits their desk, 
define the industry as what 
hits their desk. That’s not real- 
ity,” says Patrick Sylvester, man- 
aging director at Philadelphia- 
based recruiting firm Banister 
[Many financial 


services firms] had so 


only see 


and they 


International. “ 
many 
openings going into 
this scenario, they still 
have open [requisi- 
tions].” 

Much of the hiring is 
happening 
without the use of re- 


firms. For 


directly, 


cruitment Not 
r Wet 
would-be employees, 


that means focusing com/finjobs 
on contacting compa- 
nies directly through We 
getting referrals 
from current employees. 

At Merrill Lynch & Co. in 
New York, the 
nomic climate 
company to re-examine 


*b sites 


yr, better yet, 


changing eco- 
is causing the 
a rush 
of projects from the past cou- 
ple of years and to focus more 
heavily on business priorities. 
“There is careful 
due to market condi- 
our IT spending,” 
Brzozowski, a 


more 
scrutiny, 
tions, on 


says Ken vice 


become less generous with perks 


Recruiter’s view: Companies are 
pushing application areas that can pro- 
vide additional income, and they want 
employees who will push, too. Poorly 
performing employees are likely to be 
shown the door. There are many open- 
ings, but companies are now hiring 
directly, without using staffing firms. 


MOREONLINE 


www.computerworld. 
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president in the technology 
unit of Merrill Lynch’s corpo- 
rate and client 
group. “We're not necessarily 
canceling all projects. We’re 
slowing down and delaying 
some that may not be critical.” 

Job candidates should also 


institutional 


expect salaries that have de- 
flated highs of last 
year, when traditional financial 


from the 


services firms were worried 
about losing people to Internet 
start-ups. 

“People were getting greedy 
last year,” notes Michelle Pat- 
president of X-cavate 


Research LLP, a Houston-based 


terson, 


human resources research firm. 
“You can’t get as greedy as you 
were last year.” 

For example, C and C++ 
grammers can expect $60,000 
to $80,000 per year, depending 


pro- 


on geography and experience. 
A tighter market 
mean that someone without fi- 


doesn't 


nancial services experience is 
left out. Kivel says he’s looking 
for candidates with a financial 
services and investment tech- 
nology background, 
but he finds such peo- 
ple only 10% to 15% of 
the time. 

For job hunters who 
aren't at the top of 
their game, Jan Lee, 
CEO of Breck Technol- 
ogy Services Inc., has 
some advice. “Increase 
skill set 
bring value to your 
current then, 
things settle down, 
says Lee. Breck Technology is 
a Charlotte, N.C.-based human 
resources consulting firm. 


your where 
you are, 
position, when 


move on,” 


“Start planning on your exit,” 
Lee suggests. “Look at 
technology, get training in that 
area, and look companies 
you might want to work for.” D 


new 


Sherman is a freelance writer in 
Marshfield, Mass. 


Resources: 
Association for Financial 


| Technology: 


www. bannister.com/att/index.html 


| American Bankers Association: 


www.aba.com/ 


The Banking Channel: 


www.thebankingchannel.com/ 


| Financial Services Technology 


Consortium: www. fstc.org/ 








another millisecond, another dollar 


“Get CRM right and your company wins in the online 
economy. Get it wrong and you are not even in the game.” 


—Peter Keen, 
President, Keen Innovations and author of 
From .com to .profit and The eProcess Edge 


sees —> Another day in the lightning fast world of electronic 

customer relations, where customers make instanta- 
es age et Soles teaaogt rues acme cs 2s neous decisions that can last a lifetime. To succeed, 
UU you need to satisfy a whole new set of needs—those 
of the online customer. CRM at the Speed of Light 


gives you solid information and straightforward advice 
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FEATURED KEYNOTE 


EFF TAYLOR 
CEO, MONSTER.COM 
& CEO, TMP INTERACTIVE 


SESSION HIGHLIGHTS 


Successful College Recruiting 
in the Toughest Market Ever 
JULIE CUNNINGHAM 


Workshop: Becoming a 


Strategic Business Partner With 


Your Hiring Managers 
KEN GAFFEY 


TAFFING ¢ TANT 


Technology 2001 
SUSAN HODGES 


SEMCO ENTERPRISES. IN( 
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Ook at the new technology 
area: platforms, development 
nmunications, and applications. 


Updat on Immigration Laws 
ecting Your Professional IT 
Staff 

HARRY JOE, ESQUIRE 

JENKENS & GILCHRIST 

Update on the new immigration provisions for H- 
1B and Permanent Residence processing and their 
impact on recruiting and retention, and the new 


labor certification procedure proposed by USDOL 
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Look to Seed IT Start-ups 


Partnerships help companies boost their 
online business offerings to customers 


BY LUCAS MEARIAN 
INANCIAI services 
companies such as 
New York-based Mer- 
rill Lynch & Co. are 
embracing strategic 

partnerships with technology 

and 
means of expanding their on- 
line offerings. 


service providers as a 


The trend, which allows for 
the joint creation of applica- 
tions, enables brokerages to of- 


Continued from page 1 


IT Security 


gets for lawsuits, agreed Mar- 
garet Jane Radin, a professor of 
law, science and technology at 
Stanford University Law School. 

Legal liability in such cases 
is likely to depend on what 
prevention technologies and 
practices are available and on 
whether these technologies 
and practices are reasonably 
cost-effective to implement, 
she said. 

As aresult, showing due dili- 
gence will mean everything 
from implementing technolo- 
gies such as firewalls, intru- 
sion-detection content 
filters, traffic analyzers and 
virtual private networks to 
having best practices for con- 
tinuous risk assessment and 
vulnerability testing. It will 
also mean having corporate 
policies and procedures back- 
ing up all of this, analysts said. 

“There are a lot of dimen- 
sions to the issue,” most of 
which are outside the purview 
of IT departments, said David 


tools, 





fer new services to customers 
and then resell those same ser- 
vices to competitors. That can 
spur adoption of the technolo- 
gy and provide a return on bro- 
kerages’ investments. 
Needham, 
research 


According to 
Mass.-based market 
firm TowerGroup, 
ships are becoming attractive 


partner- 


to financial services firms be- 
cause rapidly changing tech- 
nology and a shortage of IT 


Tort Tests 


workers have made in-house 
development more difficult. 
Such marketplace pressures 
are creating a split in the finan- 
cial industry, 
Mark _ Sievewright, 
president and CEO 


services said 


of TowerGroup. 
Some firms, such as 
New York-based Cit- 
igroup Inc., are try- 
ing to be full-service 
Others, 

Lynch, 
partner- 


providers. 
like Merrill 
want to be 
ship-oriented firms. 
In the 
years, Merrill Lynch 


past two 


Margaret Jane Radin, professor of law, science and technology at 
Stanford University Law School, speculated on how courts are 
likely to analyze DDOS-based tort claims. 


> It’s likely courts will consider liability for DDOS attacks under 
the rubric of negligence rather than that of strict liability. 


> Damages could follow if the negligence results in losses on ac- 


count of a DDOS attack, if the 


losses are foreseeable and 


could have been prevented with the exercise of due care. 


>In the absence of contractual disclaimers, a service provider 
and its customer are bound to show reasonable care. 


>A network intermediary could be held liable to its customer, 
such as a portal or other e-commerce site, which could be 
held liable to its own customers. 


Krauthamer, MIS manager at 
Advanced Fibre Communica- 


tions Inc., a manufacturer of | 


telecommunications equip- 
ment in Petaluma, Calif. What 
IT managers need to do is to 
“be very aggressive about con- 
trolling and monitoring securi- 
ty,” Krauthamer added. 

The issue of who bears re- 
sponsibility for DDOS attacks, 
for instance, is a question that 
is likely to be legally tested in 
the very near future, agreed 
most analysts. 


DDOS attacks use a multi- 
tude of hacked systems, known 
as slaves or zombies, to inun- 
date a Web site or Internet- 
connected server with a flood 
of useless traffic. 

“The legal aspects [of such 
attacks] are a big, wide-open 
issue,” said Tony Gauvin, a vice 
president of software and op- 
erations at ElephantX Online 
Securities LLC, a New York- 
based financial start-up. 

The attacks are hard to pin- 
point, since they involve multi- 





PACKER: Merrill 
Lynch is partnering 
with ASP FinTrack. 


has added more than 70 “sig- 
nificant” applications to its 
Web site, said Michael Packer, 
the company’s head of institu- 


tional e-commerce. And 45 of 


those 
were 
past year alone. 

In October, for ex- 
ample, Merrill Lynch 
entered a _partner- 
ship with New York- 
based application 
service provider Fin- 
Track Systems Corp. 


applications 


added in the 


to develop a Web- 
based equity trading 
system for clients. 


ple sources, including service 
and network providers, host- 
ing companies, portal opera- 
tors, corporate sites and uni- 
versities. 

It’s possible that not only 
will service providers be held 
legally liable for such attacks, 
but victim sites — 
opted by perpetrators to take 
part in the attack and 
crippled by attacks— could be 
as well, said Joseph A. Cooper, 
president of Digital Defense 
Inc. ,a San Antonio-based Web 
security company that special- 
izes in financial services firms. 

For instance, an online trad- 
ing site taken down by a DDOS 
attack could be found negli- 
gent if it lacks adequate mea- 
sures to assess the security 
readiness of its Internet ser- 
vice provider, Cooper said. 

“From a liability standpoint, 
it is a good defense to be able 
to say that the [security tech- 
nologies] you have are state of 
the art and adequate and that 
you have done everything you 
can,” said Tom Beach, senior 
vice president of risk manage- 
ment solutions at Zurich North 
America Financial Enterprises, 


those co- 


sites 
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Since Merrill’s site connects 
to dozens of back-end systems 
it must deliver information in 
real time over the Internet and 
have security and controls to 
handle the transactions at the 
same time, Packer said 

“Tt was clear to us if we used 
just Merrill Lynch employees 
and licensed products, or even 
said, 


vendors and 


model 


went to 
‘Build this 
wouldn’t sustain us or ge 

fast enough,” Packer said. N 

rill Lynch also loaned FinTrack 


for 


a senior business employee for 
one year to help the start-up 
grow. With Merrill Lynch h« 
ing a minority stake in 
Track, there was “incentive for 
both of us to work hard togeth- 
er,” Packer said. The move le 
to the eCharm, 


which Merrill Lynch now hel; 


creation Of 


FinTrack sell to financial ser- 


vices competitors. D 


financial 
services that 
ides insurance for third-party 
iability. Zurich, like the grow- 


a_ Baltimore-based 


company pro- 


v 
l 
ing list of insurance companies 
scrambling to provide third- 
party liability insurance, offers 
security 
through third parties and also 


has recommended best prac- 


assessment services 


tices for its clients. 

Emerging privacy and secu- 
rity regulations, such as the 
Health Insurance Portability 
and Accountability Act and the 
Gramm Leach-Bliley Act gov- 
erning 
mandate specific requirements 
for firms in these industries. 

Companies outside of these 
industries would also do well 
to adopt a similar continuous 
cycle of identifying and elimi- 
nating risk mandated by these 
regulations, analysts said. 

Ultimately, “the point to re- 
member is that where there are 
no specific laws, they will be 


financial institutions, 


built in the courtroom,” 
warned Marc Enger, a former 
director of security operations 
for a branch of USS. Air 
Force and now a director at 


Digital Defense. D 


the 


= & Asp & 
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SPEAKING 


The Source of Clout 


OES IT MATTER? Does it really matter whether your 
CIO is one of the five best-paid executives in the com- 
pany? In last week’s Computerworld Cover Story, re- 
porter Kim S. Nash dug through proxy statements for 
the Fortune 1,000 and discovered that only 46 CIOs — 


4.6% — made that lofty grade. 


Of course, that doesn’t take into account big conglomerates where 
the top five has to include divisional presidents. And just because 
your CIO is No. 6 or 7 doesn’t mean IT doesn’t have a place at the 
table. It’s just an indicator. But yeah, it matters. 


Not because it means the CIO gets a bigger 
boat. Not because the IT shop gets bragging 
rights. Not because the visibility demonstrates 
that technology is really business-critical here 
or some such high-sounding gobbledygook 

It matters because those dollars measure how 
much clout the CIO has. That’s clout to get cap- 
ital equipment IT people need, to make impor 
tant projects happen, to hire the right people 
and pay them well. It’s clout to go 
head to head with sales and man- 
ufacturing and marketing chiefs at 
budget time. It’s clout to help 
guide the business. 

— the 
business. That’s why a CIO has 


Not just the technology 


clout. Not professionalism. Not 
technical savvy. Certainly not the 


with clout are at the table because 


they understand business, they 


CIOs with 
“business importance of IT.” CIOs clout have ga 


And today we can’t afford to be the only major 
group in the company that’s not focused on do- 
ing business. 

Look, we'd sneer at a sales guy who could 
make an elaborate pitch but couldn’t close the 
sale and book the business. What good is all 
that jawing if he doesn’t bring back money? 

We'd laugh at a marketing chief who came up 
with clever slogans and promotional ideas but 
didn’t put together a marketing 
campaign that moved the prod- 
uct. We'd snicker at a business de- 
velopment executive who 
dreamed up brilliant partnership 
opportunities but never actually 
got any of them to generate rev- 
enue. We’d jeer at a manufactur- 
ing operations guy who couldn’t 
get the right products out the 
door at the right time. 

Pretty ridiculous, huh? But why 


ALASKAN OIL COMPANY has 


a server named for a local f 


1 
ai NIST 


} village called Homer. By « 
DIological activity reac 
BART data 

server. But when a ne\ 


s first deman 


recite 
esuil 


names. “It's unpre 
s. “The 


uvenile program.’ 


" manager sr 


Simpsons is a 


HELPFUL USER informs help 
desk that the toilet in the men’s 
3n't working. Thanks, but 

) asks [ ad pilot 

5 |, it flushes automati 
lly,” says user. “Since it’s obvi- 
ously computer-controlled, | 


thought you might want to fix it.” 


SECRETARY PILOT FISH gets 


T trom a user wno cant 


moplaint 
print out the attachment she 
sent him. “Every time | try to print 
it, | get an error saying ‘printer 

of paper,’ and it won't print,” 
he says. “Put more paper in your 
ne know if it still 


doesn't work,” secretary sug 


printer, then 


gests - and she doesn’t hear 
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from that user again 


CORPORATE HONCHO calls 
el ask: he’s forgotten his 
password and wants pilot fish to 
give it to him. Fish explains he'll 
have to assign a new password 
“all we can see are asterisks 

where your password is.” Replies 
honcho, “Well, you're the techni- 
cal wizards — figure out what the 


little asterisks mean.” 


IT MANAGER pilot fish tracks 
down what's blocking this sales 
guy's Web access: An Internet 
ad banner filter that the sales 
guy installed himself won't work 
through the proxy server. Why'd 
you install this? he asks as he re 
moves it. Sales guy responds, “I 
really wanted it for home, but | 
figured I'd try it here first to see 


how it worked.” 


Try one on me: sharky@ 
computerworld.com. You 
get a stylish Shark shirt if your 
true tale of IT life sees print - or 
if it shows up in the daily feed at 
computerworld.com/sharky 


The 5th Wave 


people who should we think we deserve any 
take care of better if we’re not taking care of 


talk business and they make busi- 


ness happen. 


And, oh yeah, because their IT 
departments understand business 
and make it happen, too. CIOs 
with clout have IT people who 
take care of business. 

Not just technology. Business. 
And why aren’t more CIOs on 
the nosebleed rungs of the corpo- 
rate ladder? Because too many 
people in their IT shops aren’t 

comfortable with business. 

OK, sure, we’re technical peo- 
ple. We like code and wires and 
speeds and feeds. And for a long 
time we didn’t really have much 
to do with doing business. We just 
processed data. 

But those days ended long ago. 


business. 


FRANK HAYES, Computer- 
world’s senior news colum- 
nist, has covered IT for more § 
than 20 years. Contact him at § 

frank_hayes@computerworld.com. 


business, too? 

Supply chains, e-commerce, 
Web stores, even departmental 
applications — they’re all busi- 
ness projects, not just technical 
exercises. We've got to think of 
them that way to understand 
what our users need, and why, 
and how to deliver it. 

Otherwise we're just kidding 
ourselves about IT’s importance 
to the business. 

So if your CIO isn’t at the table 
with your organization’s other top 
execs — yes, it matters. And if IT 
doesn’t have real clout in your 
company, you probably don’t have 
to look far to find the reason. D 


Rich Tennant, www.theSthwave.com 


“You show 4 lot of promise in efublishirg. 
Your fivst novel was rich with gripping 
AHTML, breathtaking in its hyperlinks, 
and visionarg in i's cross-browser platform.” 
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Books, CDs, electronics, toys, software. You name 
it, you can find it at Amazon.com. But when it was 
time for. these online pioneers to do some shopping 
of their own, they turned to SAS. That’s because 
we delivered just what Amazon.com was searching 
for — the next generation of thinking on data min- 
ing and e-Intelligence. And a reliable way to make 
sense out of an overwhelming volume of raw Web 
data. So now the folks at Amazon.com can learn 
more about what their online shoppers really want. 
Leverage supplier monte Oo mree ase Ree Se 
And ensure that everyone 1s working together to 
make each customer experience better than the last. 
To find out what SAS could do for your business, 


Ce Mther eee eee Oma Akar: CYL 


The Power to Know a SdaS 


e-Intelligence 


Make your business mobile 


You know the feeling: time is short, but your 
working day is getting longer. Your competitors 
are only a mouseclick away from your clients 
and you're supposed to worry about network 
connections and transmission rates? 
Why not concentrate on what you do best and 
leave the rest to us? Let us help you: 

boasts a world 


of expertise in IT operations for your business 
processes. 

In fact, we're the only provider to give you the 
full range of mobile business solutions. 

This way, you can watch your visions take shape, 
even with your eyes closed. 

Just tell us what — we'll handle the how. 


obile business 
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